--- loncom/Attic/lchtmldir	2004/08/05 20:35:55	1.7
+++ loncom/Attic/lchtmldir	2004/10/18 10:56:50	1.9
@@ -167,7 +167,9 @@ if(($dirtry1 ne $dir) or ($dirtry2 ne $d
 
 # As root, create the directory.
 
-my $fulldir = $dirtry1."/public_html";
+my $homedir = $dirtry1;
+my $fulldir = $homedir."/public_html";
+
 if($DEBUG) {
     print("Full directory path is: $fulldir \n");
 }
@@ -207,6 +209,7 @@ it available to students and other instr
 END
     close OUT;
     }
+
 &System("/bin/chmod  02775  $fulldir");
 &System("/bin/chmod  0775  $fulldir"."/index.html");
 
@@ -220,6 +223,13 @@ if($authentication eq "unix:") {	# Unix
     # Internal, Kerberos, and Local authentication are for users
     # who do not have unix accounts on the system.  Therefore we
     # will give ownership of their public_html directories to www:www
+    # If the user is an internal auth user, the rest of the directory tree
+    # gets owned by root.  This chown is needed in case what's really happening
+    # is that a file system user is being demoted to internal user...
+
+    if($authentication eq "internal:") {
+	&System("/bin/chown -R root:root ".$homedir);
+    }
     &System("/bin/chown -R www:www  ".$fulldir);
 }
 &DisableRoot;
@@ -268,7 +278,7 @@ sub JoinGroup {
 
     my $groups = `/usr/bin/groups www`;
     # untaint
-    my ($safegroups)=($groups=~/([\s\w]+)/);
+    my ($safegroups)=($groups=~/:\s+([\s\w]+)/);
     $groups=$safegroups;
     chomp $groups; $groups=~s/^\S+\s+\:\s+//;
     my @grouplist=split(/\s+/,$groups);