From 9727fdb06186121da17656921e03b37166169b79 Mon Sep 17 00:00:00 2001
From: Roland Gruber <post@rolandgruber.de>
Date: Mon, 27 Feb 2006 13:26:35 +0000
Subject: [PATCH] added Tim's patch

---
 lam/HISTORY          |  2 ++
 lam/lib/lamdaemon.pl | 27 ++++++++++++++++++++++++++-
 2 files changed, 28 insertions(+), 1 deletion(-)

diff --git a/lam/HISTORY b/lam/HISTORY
index 47c6eff0..9c523a24 100644
--- a/lam/HISTORY
+++ b/lam/HISTORY
@@ -10,6 +10,8 @@
     -> fixed language setting in default configuration profile
     -> fixed PHP5 warnings (getdate() and mktime())
     -> error messages in Samba domain module (1437425)
+    -> fixed expired passwords with shadowAccount module
+    -> added lamdaemon.pl compatibility and security patches by Tim Rice
 
 
 08.02.2006 1.0.rc2
diff --git a/lam/lib/lamdaemon.pl b/lam/lib/lamdaemon.pl
index e7bed483..6aa086c7 100755
--- a/lam/lib/lamdaemon.pl
+++ b/lam/lib/lamdaemon.pl
@@ -22,6 +22,27 @@
 #
 #  LDAP Account Manager daemon to create and delete homedirecotries and quotas
 
+# set a known path
+my $path = "";
+if (-d "/sbin") {
+	if ($path eq "") { $path = "/sbin"; }
+	else { $path = "$path:/sbin"; }
+}
+if (-d "/usr/sbin") {
+	if ($path eq "") { $path = "/usr/sbin"; }
+	else { $path = "$path:/usr/sbin"; }
+}
+if (-l "/bin") {
+	if ($path eq "") { $path = "/usr/bin"; }
+	else { $path = "$path:/usr/bin"; }
+}
+else {
+	if ($path eq "") { $path = "/bin:/usr/bin"; }
+	else { $path = "$path:/bin:/usr/bin"; }
+}
+if (-d "/opt/sbin") { $path = "$path:/opt/sbin"; }
+if (-d "/opt/bin") { $path = "$path:/opt/bin"; }
+$ENV{"PATH"} = $path;
 
 #use strict; # Use strict for security reasons
 
@@ -111,11 +132,15 @@ if ($< == 0 ) { # we are root
 						$vals[2] eq 'rem' && do {
 							($<, $>) = ($>, $<); # Get root previliges
 							if (-d $user[7] && $user[7] ne '/') {
-								# Fixme, only delete files owned by user.
+							    if ((stat($user[7]))[4] eq $user[2]) {
 								system 'rm', '-R', $user[7]; # Delete Homedirectory
 								if (-e '/usr/sbin/userdel.local') {
 									system '/usr/sbin/userdel.local', $user[0];
 									}
+							    }
+							    else {
+								$return = "ERROR,Lamdaemon,Homedirectory not owned by $user[2].:$return";
+							    }
 								}
 							else {
 								$return = "ERROR,Lamdaemon,Homedirectory doesn't exists.:$return";