--- loncom/lond	2004/03/08 20:13:07	1.165.2.3
+++ loncom/lond	2004/04/08 20:11:12	1.165.2.4
@@ -2,7 +2,7 @@
 # The LearningOnline Network
 # lond "LON Daemon" Server (port "LOND" 5663)
 #
-# $Id: lond,v 1.165.2.3 2004/03/08 20:13:07 albertel Exp $
+# $Id: lond,v 1.165.2.4 2004/04/08 20:11:12 albertel Exp $
 #
 # Copyright Michigan State University Board of Trustees
 #
@@ -52,7 +52,7 @@ my $DEBUG = 0;		       # Non zero to ena
 my $status='';
 my $lastlog='';
 
-my $VERSION='$Revision: 1.165.2.3 $'; #' stupid emacs
+my $VERSION='$Revision: 1.165.2.4 $'; #' stupid emacs
 my $remoteVERSION;
 my $currenthostid;
 my $currentdomainid;
@@ -2856,6 +2856,16 @@ sub make_passwd_file {
 	}
     } elsif ($umode eq 'unix') {
 	{
+	    #
+	    #  Don't allow the creation of privileged accounts!!! that would
+	    #  be real bad!!!
+	    #
+	    my $uid = getpwnam($uname);
+	    if((defined $uid) && ($uid == 0)) {
+		&logthis(">>>Attempted to create privilged account blocked");
+		return "no_priv_account_error\n";
+	    }
+
 	    my $execpath="$perlvar{'lonDaemons'}/"."lcuseradd";
 	    {
 		&Debug("Executing external: ".$execpath);