From ae0115d8dbf05c52c631ea915f036a2129cd033e Mon Sep 17 00:00:00 2001 From: Andrew Bartlett Date: Mon, 23 Jul 2007 02:10:11 +0000 Subject: r23994: Finish my work to ensure that non-root and non-administrator users cannot vampire, provision or upgrade a Samba4 server via SWAT. (The previous commit was an accident, and not complete). This should get Samba4 closer to being 'secure' for an alpha release. Andrew Bartlett (This used to be commit 3b6695de36bcea8a76001c9a5585eac871646450) --- webapps/install/index.esp | 34 +++++++++++++++++++++++++++------- 1 file changed, 27 insertions(+), 7 deletions(-) (limited to 'webapps/install/index.esp') diff --git a/webapps/install/index.esp b/webapps/install/index.esp index 5a73b7751f..73b7ea24d5 100644 --- a/webapps/install/index.esp +++ b/webapps/install/index.esp @@ -1,20 +1,40 @@ <% page_header("columns", "Server Installation", "install"); + +if (session.authinfo.user_class == "ADMINISTRATOR" + || session.authinfo.user_class == "SYSTEM") { + %>

Installation

-Welcome to Samba4 installation. Before proceeding, you will need to -know: +

Welcome to Samba4 installation. Before proceeding, you will need to +know:

-After you have decided on those, choose the 'Provisioning' menu item -on the left, and fill in the form.

+

After you have decided on those, choose the 'Provisioning' menu item +on the left, and fill in the form.

+ +

Warning! When you provision, your existing user database is +wiped and replaced with a new one.

+ +<% + +} else { + +%> + +

Installation

+ +

To install Samba4, you must have logged in as root, or administrator of the previously configured domain.

+ +

Warning! When you provision, your existing user database is +wiped and replaced with a new one.

-Warning! When you provision, your existing user database is -wiped and replaced with a new one. +<% -<% page_footer(); %> +} +page_footer(); %> -- cgit