sheppy/jeffrey_miller_flask_ftp
1
0
Fork 0
mirror of https://github.com/FAUSheppy/jeffrey_miller_flask_ftp synced 2025-12-09 09:48:31 +01:00
Code Issues Actions Packages Projects Releases Wiki Activity

add forbidden users to preven collisons with system users

Browse Source
This commit is contained in:
Yannik Schmidt
2021-08-31 01:01:44 +02:00
parent e90cec3e52
commit 91311a2662
1 changed files with 9 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

9
server.py
View File

@@ -25,6 +25,11 @@ HTTP_INTERNAL_ERR = 500
HTTP_EMPTY = 204 HTTP_EMPTY = 204
EMPTY = "" EMPTY = ""
FORBIDDEN_USERNAMES = ["root", "bin", "daemon", "sys", "sync", "games", "man", "news", "uucp",
"proxy", "www-data", "backup", "list", "irc", "gnats", "nobody", "_apt",
"systemd-timesync", "systemd-network", "systemd-resolve", "messagebus",
"docker", "nginx" , "sshd", "flask"]
# unix useradd requires exactly this salt, do not change # unix useradd requires exactly this salt, do not change
PAM_PASSWD_SALT = "22" PAM_PASSWD_SALT = "22"
@@ -82,6 +87,10 @@ def createUser(webform):
if error: if error:
return error return error
# forbid system users
if username in FORBIDDEN_USERNAMES:
return "Error: Username {} is forbidden because it is a special user.".format(username)
subprocess.run(["/usr/bin/sudo", "./scripts/create_user.sh", cryptPass, username]) subprocess.run(["/usr/bin/sudo", "./scripts/create_user.sh", cryptPass, username])
# track added users to prevent deletion of other users and listing # # track added users to prevent deletion of other users and listing #