From 07c3bd9b777e55d0b8fc988d6583e44861a3ee43 Mon Sep 17 00:00:00 2001
From: tbrehm <t.brehm@ispconfig.org>
Date: Sun, 15 Mar 2009 08:04:13 -0400
Subject: [PATCH] Improved password protection of website statistics.

---
 server/plugins-available/shelluser_base_plugin.inc.php |    9 ++++++++-
 1 files changed, 8 insertions(+), 1 deletions(-)

diff --git a/server/plugins-available/shelluser_base_plugin.inc.php b/server/plugins-available/shelluser_base_plugin.inc.php
index bf834c7..1420a5e 100755
--- a/server/plugins-available/shelluser_base_plugin.inc.php
+++ b/server/plugins-available/shelluser_base_plugin.inc.php
@@ -87,6 +87,13 @@
 			
 				exec($command);
 				$app->log("Added shelluser: ".$data['new']['username'],LOGLEVEL_DEBUG);
+				
+				//* Disable shell user temporarily if we use jailkit
+				if($data['new']['chroot'] == 'jailkit') {
+					$command = 'usermod -L '.escapeshellcmd($data['new']['username']);
+					exec($command);
+					$app->log("Disabling shelluser temporarily: ".$command,LOGLEVEL_DEBUG);
+				}
 			
 			} else {
 				$app->log("UID = $uid for shelluser:".$data['new']['username']." not allowed.",LOGLEVEL_ERROR);
@@ -141,7 +148,7 @@
 			// Get the UID of the user
 			$userid = intval($app->system->getuid($data['old']['username']));
 			if($userid > $this->min_uid) {
-				$command = 'userdel';
+				$command = 'userdel -f -r';
 				$command .= ' '.escapeshellcmd($data['old']['username']);
 			
 				exec($command);

--
Gitblit v1.9.1