From: Benjamin Kaduk Date: Wed, 26 Mar 2014 11:35:29 +0000 (-0400) Subject: Disallow creating users with ANONYMOUSID X-Git-Tag: upstream/1.8.0_pre1^2~479 X-Git-Url: https://git.michaelhowe.org/gitweb/?a=commitdiff_plain;h=da12da791e53c8f1ff7f67eda1b58d53a3a2e1cc;p=packages%2Fo%2Fopenafs.git Disallow creating users with ANONYMOUSID It can result only in sadness. Document this restriction alongside UID 0 as a reserved number. Change-Id: Ibea2d98bc15a730bc85e84477791ca45a40f2d92 Reviewed-on: http://gerrit.openafs.org/10950 Tested-by: BuildBot Reviewed-by: Chas Williams - CONTRACTOR Reviewed-by: Benjamin Kaduk --- diff --git a/doc/man-pages/pod1/pts_createuser.pod.in b/doc/man-pages/pod1/pts_createuser.pod.in index 05fcd6885..4bcd1827f 100644 --- a/doc/man-pages/pod1/pts_createuser.pod.in +++ b/doc/man-pages/pod1/pts_createuser.pod.in @@ -52,8 +52,9 @@ creator and the group system:administrators as its owner. =head1 CAUTIONS -The Protection Server reserves AFS UID 0 (zero) and returns an error if -the B<-id> argument has that value. +The Protection Server reserves several AFS UIDs, including 0 (zero) and +32766 (anonymous) for internal use, and returns an error if +the B<-id> argument has a reserved value. =head1 OPTIONS diff --git a/src/ptserver/ptprocs.c b/src/ptserver/ptprocs.c index abc8bc0e5..7d1d6ddb9 100644 --- a/src/ptserver/ptprocs.c +++ b/src/ptserver/ptprocs.c @@ -161,6 +161,8 @@ CreateOK(struct ubik_trans *ut, afs_int32 cid, afs_int32 oid, afs_int32 flag, return 0; } } else { /* creating a user */ + if (oid == ANONYMOUSID) + return 0; if (!admin && !pr_noAuth) return 0; }