--- loncom/lond	2004/03/16 20:57:49	1.185
+++ loncom/lond	2004/04/07 10:02:11	1.186
@@ -2,7 +2,7 @@
 # The LearningOnline Network
 # lond "LON Daemon" Server (port "LOND" 5663)
 #
-# $Id: lond,v 1.185 2004/03/16 20:57:49 albertel Exp $
+# $Id: lond,v 1.186 2004/04/07 10:02:11 foxr Exp $
 #
 # Copyright Michigan State University Board of Trustees
 #
@@ -53,7 +53,7 @@ my $DEBUG = 0;		       # Non zero to ena
 my $status='';
 my $lastlog='';
 
-my $VERSION='$Revision: 1.185 $'; #' stupid emacs
+my $VERSION='$Revision: 1.186 $'; #' stupid emacs
 my $remoteVERSION;
 my $currenthostid;
 my $currentdomainid;
@@ -3141,6 +3141,16 @@ sub make_passwd_file {
 	}
     } elsif ($umode eq 'unix') {
 	{
+	    #
+	    #  Don't allow the creation of privileged accounts!!! that would
+	    #  be real bad!!!
+	    #
+	    my $uid = getpwnam($uname);
+	    if((defined $uid) && ($uid == 0)) {
+		&logthis(">>>Attempted to create privilged account blocked");
+		return "no_priv_account_error\n";
+	    }
+
 	    my $execpath="$perlvar{'lonDaemons'}/"."lcuseradd";
 	    {
 		&Debug("Executing external: ".$execpath);