do not allow to change system user passwords
authorDietmar Maurer <dietmar@proxmox.com>
Thu, 9 Feb 2012 10:26:37 +0000 (11:26 +0100)
committerDietmar Maurer <dietmar@proxmox.com>
Thu, 9 Feb 2012 10:26:37 +0000 (11:26 +0100)
PVE/API2/AccessControl.pm

index a3829fd..0ef31fa 100644 (file)
@@ -260,6 +260,8 @@ __PACKAGE__->register_method ({
            } else {
                # only root may change root password
                raise_perm_exc() if $userid eq 'root@pam';
+               # do not allow to change system user passwords
+               raise_perm_exc() if $realm eq 'pam';
            }
        }