force runcron to be run by the right user

htdocs/config2/settings-dist.inc.php

@@ -406,6 +406,7 @@
 	/* cronjob
 	 */
 	$opt['cron']['pidfile'] = $opt['rootpath'] . 'cache2/runcron.pid';
+	$opt['cron']['username'] = 'apache';   // system username for cronjobs
 
 	/* phpbb news integration (index.php)
 	 *

htdocs/util2/cron/runcron.php

@@ -18,18 +18,23 @@
 
 	require($opt['rootpath'] . 'lib2/cli.inc.php');
 
+	// test for user who runs the cronjob
+	$processUser = posix_getpwuid(posix_geteuid());
+	if ($processUser['name'] != $opt['cron']['username'])
+		die("ERROR: runcron must be run by '" . $opt['cron']['username'] . "' but was called by '" . $processUser['name'] . "'\n");
+
 	// use posix pid-files to lock process 
 	if (!CreatePidFile($opt['cron']['pidfile']))
 	{
-      CleanupAndExit($opt['cron']['pidfile'], "Another instance is running!"); 
+		CleanupAndExit($opt['cron']['pidfile'], "Another instance is running!");
-      exit;
+		exit;
 	}
 
 	// Run as system user, if possible.
 	// This is relevant e.g. for publishing and for auto-archiving caches.
 	if ($opt['logic']['systemuser']['user'] != '')
 		if (!$login->system_login($opt['logic']['systemuser']['user']))
-		  die("runcron: system user login failed");
+		  die("ERROR: runcron system user login failed");
 
 	$modules_dir = $opt['rootpath'] . 'util2/cron/modules/';