summary refs log tree commit diff
diff options
context:
space:
mode:
authorUlrich Drepper <drepper@redhat.com>1999-06-11 20:58:21 +0000
committerUlrich Drepper <drepper@redhat.com>1999-06-11 20:58:21 +0000
commita1c542bfc5684d914cf2af2c3ec9d5432d0b01dc (patch)
treed9b4c2f7304ab104283cee33d80f280c8950b7d6
parent9be8ed9e947e91d83663739406bd04e351c0897e (diff)
downloadglibc-a1c542bfc5684d914cf2af2c3ec9d5432d0b01dc.tar.gz
glibc-a1c542bfc5684d914cf2af2c3ec9d5432d0b01dc.tar.xz
glibc-a1c542bfc5684d914cf2af2c3ec9d5432d0b01dc.zip
Update.
1999-06-11  Thorsten Kukuk  <kukuk@suse.de>

	* nscd/nscd.c: Add -S options for separate caching of data for
	every user. So one user couldn't see the data another user
	has gotten with his credentials.
	* nscd/nscd.h: Add new prototypes.
	* nscd/cache.c: Compare owner of cache entry if in secure mode.
	* nscd/connections.c: Check on shutdown if caller really was root.
	In secure mode get uid of caller.
	* nscd/grpcache.c: Add support for new secure group mode.
	* nscd/hstcache.c: Add support for new secure hosts mode.
	* nscd/pwdcache.c: Add support for new secure passwd mode.
-rw-r--r--ChangeLog13
-rw-r--r--nscd/cache.c10
-rw-r--r--nscd/connections.c61
-rw-r--r--nscd/grpcache.c38
-rw-r--r--nscd/hstcache.c80
-rw-r--r--nscd/nscd.c21
-rw-r--r--nscd/nscd.h29
-rw-r--r--nscd/pwdcache.c40
8 files changed, 225 insertions, 67 deletions
diff --git a/ChangeLog b/ChangeLog
index d68fa422d5..04cda7fb2e 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,16 @@
+1999-06-11  Thorsten Kukuk  <kukuk@suse.de>
+
+	* nscd/nscd.c: Add -S options for separate caching of data for
+	every user. So one user couldn't see the data another user
+	has gotten with his credentials.
+	* nscd/nscd.h: Add new prototypes.
+	* nscd/cache.c: Compare owner of cache entry if in secure mode.
+	* nscd/connections.c: Check on shutdown if caller really was root.
+	In secure mode get uid of caller.
+	* nscd/grpcache.c: Add support for new secure group mode.
+	* nscd/hstcache.c: Add support for new secure hosts mode.
+	* nscd/pwdcache.c: Add support for new secure passwd mode.
+
 1999-06-11  Ulrich Drepper  <drepper@cygnus.com>
 
 	* resolv/nss_dns/dns-host.c (getanswer_r): Correctly track usage
diff --git a/nscd/cache.c b/nscd/cache.c
index e57c8686d2..0071c11524 100644
--- a/nscd/cache.c
+++ b/nscd/cache.c
@@ -38,7 +38,8 @@
 
    This function must be called with the read-lock held.  */
 struct hashentry *
-cache_search (int type, void *key, size_t len, struct database *table)
+cache_search (int type, void *key, size_t len, struct database *table,
+	      uid_t owner)
 {
   unsigned long int hash = __nis_hash (key, len) % table->module;
   struct hashentry *work;
@@ -47,8 +48,8 @@ cache_search (int type, void *key, size_t len, struct database *table)
 
   while (work != NULL)
     {
-      if (type == work->type
-	  && len == work->len && memcmp (key, work->key, len) == 0)
+      if (type == work->type && len == work->len
+	  && memcmp (key, work->key, len) == 0 && work->owner == owner)
 	{
 	  /* We found the entry.  Increment the appropriate counter.  */
 	  if (work->data == (void *) -1)
@@ -76,7 +77,7 @@ cache_search (int type, void *key, size_t len, struct database *table)
    the readlock reduces the chance of conflicts.  */
 void
 cache_add (int type, void *key, size_t len, const void *packet, size_t total,
-	   void *data, int last, time_t t, struct database *table)
+	   void *data, int last, time_t t, struct database *table, uid_t owner)
 {
   unsigned long int hash = __nis_hash (key, len) % table->module;
   struct hashentry *newp;
@@ -88,6 +89,7 @@ cache_add (int type, void *key, size_t len, const void *packet, size_t total,
   newp->type = type;
   newp->len = len;
   newp->key = key;
+  newp->owner = owner;
   newp->data = data;
   newp->timeout = t;
   newp->packet = packet;
diff --git a/nscd/connections.c b/nscd/connections.c
index ca139fbddf..3f05d685ef 100644
--- a/nscd/connections.c
+++ b/nscd/connections.c
@@ -195,7 +195,7 @@ close_sockets (void)
 
 /* Handle new request.  */
 static void
-handle_request (int fd, request_header *req, void *key)
+handle_request (int fd, request_header *req, void *key, uid_t uid)
 {
   if (debug_level > 0)
     dbg_log (_("handle_request: request received (Version = %d)"),
@@ -251,7 +251,7 @@ cannot handle old request version %d; current version is %d"),
 
       /* See whether we can handle it from the cache.  */
       cached = (struct hashentry *) cache_search (req->type, key, req->key_len,
-						  db);
+						  db, uid);
       if (cached != NULL)
 	{
 	  /* Hurray it's in the cache.  */
@@ -279,35 +279,35 @@ cannot handle old request version %d; current version is %d"),
   switch (req->type)
     {
     case GETPWBYNAME:
-      addpwbyname (&dbs[serv2db[req->type]], fd, req, key);
+      addpwbyname (&dbs[serv2db[req->type]], fd, req, key, uid);
       break;
 
     case GETPWBYUID:
-      addpwbyuid (&dbs[serv2db[req->type]], fd, req, key);
+      addpwbyuid (&dbs[serv2db[req->type]], fd, req, key, uid);
       break;
 
     case GETGRBYNAME:
-      addgrbyname (&dbs[serv2db[req->type]], fd, req, key);
+      addgrbyname (&dbs[serv2db[req->type]], fd, req, key, uid);
       break;
 
     case GETGRBYGID:
-      addgrbygid (&dbs[serv2db[req->type]], fd, req, key);
+      addgrbygid (&dbs[serv2db[req->type]], fd, req, key, uid);
       break;
 
     case GETHOSTBYNAME:
-      addhstbyname (&dbs[serv2db[req->type]], fd, req, key);
+      addhstbyname (&dbs[serv2db[req->type]], fd, req, key, uid);
       break;
 
     case GETHOSTBYNAMEv6:
-      addhstbynamev6 (&dbs[serv2db[req->type]], fd, req, key);
+      addhstbynamev6 (&dbs[serv2db[req->type]], fd, req, key, uid);
       break;
 
     case GETHOSTBYADDR:
-      addhstbyaddr (&dbs[serv2db[req->type]], fd, req, key);
+      addhstbyaddr (&dbs[serv2db[req->type]], fd, req, key, uid);
       break;
 
     case GETHOSTBYADDRv6:
-      addhstbyaddrv6 (&dbs[serv2db[req->type]], fd, req, key);
+      addhstbyaddrv6 (&dbs[serv2db[req->type]], fd, req, key, uid);
       break;
 
     case GETSTAT:
@@ -315,7 +315,24 @@ cannot handle old request version %d; current version is %d"),
       break;
 
     case SHUTDOWN:
-      termination_handler (0);
+      /* Accept shutdown only from root */
+      if (secure_in_use && uid == 0)
+	termination_handler (0);
+      else
+	{
+	  struct ucred caller;
+	  int optlen = sizeof (caller);
+
+	  if (getsockopt (fd, SOL_SOCKET, SO_PEERCRED, &caller, &optlen) < 0)
+	    {
+	      char buf[256];
+
+	      dbg_log (_("error getting callers id: %s"),
+		       strerror_r (errno, buf, sizeof (buf)));
+	    }
+	  else if (caller.uid == 0)
+	    termination_handler (0);
+	}
       break;
 
     default:
@@ -362,6 +379,7 @@ nscd_run (void *p)
 	  int fd = accept (conn.fd, NULL, NULL);
 	  request_header req;
 	  char buf[256];
+	  uid_t uid = 0;
 
 	  if (fd < 0)
 	    {
@@ -380,6 +398,25 @@ nscd_run (void *p)
 	      continue;
 	    }
 
+	  if (secure_in_use)
+	    {
+	      struct ucred caller;
+	      int optlen = sizeof (caller);
+
+	      if (getsockopt (fd, SOL_SOCKET, SO_PEERCRED,
+			      &caller, &optlen) < 0)
+		{
+		  dbg_log (_("error getting callers id: %s"),
+			   strerror_r (errno, buf, sizeof (buf)));
+		  close (fd);
+		  continue;
+		}
+
+	      if (req.type < GETPWBYNAME || req.type >= LASTREQ
+		  || secure[serv2db[req.type]])
+		uid = caller.uid;
+	    }
+
 	  /* It should not be possible to crash the nscd with a silly
 	     request (i.e., a terribly large key.  We limit the size
 	     to 1kb.  */
@@ -404,7 +441,7 @@ nscd_run (void *p)
 		}
 
 	      /* Phew, we got all the data, now process it.  */
-	      handle_request (fd, &req, keybuf);
+	      handle_request (fd, &req, keybuf, uid);
 
 	      /* We are done.  */
 	      close (fd);
diff --git a/nscd/grpcache.c b/nscd/grpcache.c
index 1c6b1aff3f..d8848f3e00 100644
--- a/nscd/grpcache.c
+++ b/nscd/grpcache.c
@@ -77,7 +77,7 @@ struct groupdata
 
 static void
 cache_addgr (struct database *db, int fd, request_header *req, void *key,
-	     struct group *grp)
+	     struct group *grp, uid_t owner)
 {
   ssize_t total;
   ssize_t written;
@@ -105,7 +105,7 @@ cache_addgr (struct database *db, int fd, request_header *req, void *key,
       pthread_rwlock_rdlock (&db->lock);
 
       cache_add (req->type, copy, req->key_len, &iov_notfound,
-		 sizeof (notfound), (void *) -1, 0, t, db);
+		 sizeof (notfound), (void *) -1, 0, t, db, owner);
 
       pthread_rwlock_unlock (&db->lock);
     }
@@ -177,9 +177,9 @@ cache_addgr (struct database *db, int fd, request_header *req, void *key,
 
       /* We have to add the value for both, byname and byuid.  */
       cache_add (GETGRBYNAME, gr_name, gr_name_len, data,
-		 total, data, 0, t, db);
+		 total, data, 0, t, db, owner);
 
-      cache_add (GETGRBYGID, cp, n, data, total, data, 1, t, db);
+      cache_add (GETGRBYGID, cp, n, data, total, data, 1, t, db, owner);
 
       pthread_rwlock_unlock (&db->lock);
     }
@@ -194,7 +194,8 @@ cache_addgr (struct database *db, int fd, request_header *req, void *key,
 
 
 void
-addgrbyname (struct database *db, int fd, request_header *req, void *key)
+addgrbyname (struct database *db, int fd, request_header *req,
+	     void *key, uid_t uid)
 {
   /* Search for the entry matching the key.  Please note that we don't
      look again in the table whether the dataset is now available.  We
@@ -204,10 +205,17 @@ addgrbyname (struct database *db, int fd, request_header *req, void *key)
   char *buffer = alloca (buflen);
   struct group resultbuf;
   struct group *grp;
+  uid_t oldeuid = 0;
 
   if (debug_level > 0)
     dbg_log (_("Haven't found \"%s\" in group cache!"), key);
 
+  if (secure[grpdb])
+    {
+      oldeuid = geteuid ();
+      seteuid (uid);
+    }
+
   while (getgrnam_r (key, &resultbuf, buffer, buflen, &grp) != 0
 	 && errno == ERANGE)
     {
@@ -216,12 +224,16 @@ addgrbyname (struct database *db, int fd, request_header *req, void *key)
       buffer = alloca (buflen);
     }
 
-  cache_addgr (db, fd, req, key, grp);
+  if (secure[grpdb])
+    seteuid (oldeuid);
+
+  cache_addgr (db, fd, req, key, grp, uid);
 }
 
 
 void
-addgrbygid (struct database *db, int fd, request_header *req, void *key)
+addgrbygid (struct database *db, int fd, request_header *req,
+	    void *key, uid_t uid)
 {
   /* Search for the entry matching the key.  Please note that we don't
      look again in the table whether the dataset is now available.  We
@@ -232,10 +244,17 @@ addgrbygid (struct database *db, int fd, request_header *req, void *key)
   struct group resultbuf;
   struct group *grp;
   gid_t gid = atol (key);
+  uid_t oldeuid = 0;
 
   if (debug_level > 0)
     dbg_log (_("Haven't found \"%d\" in group cache!"), gid);
 
+  if (secure[grpdb])
+    {
+      oldeuid = geteuid ();
+      seteuid (uid);
+    }
+
   while (getgrgid_r (gid, &resultbuf, buffer, buflen, &grp) != 0
 	 && errno == ERANGE)
     {
@@ -244,5 +263,8 @@ addgrbygid (struct database *db, int fd, request_header *req, void *key)
       buffer = alloca (buflen);
     }
 
-  cache_addgr (db, fd, req, key, grp);
+  if (secure[grpdb])
+    seteuid (oldeuid);
+
+  cache_addgr (db, fd, req, key, grp, uid);
 }
diff --git a/nscd/hstcache.c b/nscd/hstcache.c
index 15459752bb..6fceecfc56 100644
--- a/nscd/hstcache.c
+++ b/nscd/hstcache.c
@@ -88,7 +88,7 @@ struct hostdata
 
 static void
 cache_addhst (struct database *db, int fd, request_header *req, void *key,
-	      struct hostent *hst)
+	      struct hostent *hst, uid_t owner)
 {
   ssize_t total;
   ssize_t written;
@@ -116,7 +116,7 @@ cache_addhst (struct database *db, int fd, request_header *req, void *key,
       pthread_rwlock_rdlock (&db->lock);
 
       cache_add (req->type, copy, req->key_len, &iov_notfound,
-		 sizeof (notfound), (void *) -1, 0, t, db);
+		 sizeof (notfound), (void *) -1, 0, t, db, owner);
 
       pthread_rwlock_unlock (&db->lock);
     }
@@ -227,10 +227,10 @@ cache_addhst (struct database *db, int fd, request_header *req, void *key,
 	{
 	  if (addr_list_type == GETHOSTBYADDR)
 	    cache_add (GETHOSTBYNAME, aliases, h_aliases_len[cnt], data, total,
-		       data, 0, t, db);
+		       data, 0, t, db, owner);
 
 	  cache_add (GETHOSTBYNAMEv6, aliases, h_aliases_len[cnt], data, total,
-		     data, 0, t, db);
+		     data, 0, t, db, owner);
 
 	  aliases += h_aliases_len[cnt];
 	}
@@ -239,7 +239,7 @@ cache_addhst (struct database *db, int fd, request_header *req, void *key,
       for (cnt = 0; cnt < h_addr_list_cnt; ++cnt)
 	{
 	  cache_add (addr_list_type, addresses, hst->h_length, data, total,
-		     data, 0, t, db);
+		     data, 0, t, db, owner);
 	  addresses += hst->h_length;
 	}
 
@@ -248,7 +248,7 @@ cache_addhst (struct database *db, int fd, request_header *req, void *key,
 	for (cnt = 0; cnt < h_addr_list_cnt; ++cnt)
 	  {
 	    cache_add (GETHOSTBYADDRv6, addresses, IN6ADDRSZ, data, total,
-		       data, 0, t, db);
+		       data, 0, t, db, owner);
 	    addresses += IN6ADDRSZ;
 	  }
 
@@ -257,17 +257,17 @@ cache_addhst (struct database *db, int fd, request_header *req, void *key,
 	{
 	  if (addr_list_type == GETHOSTBYADDR)
 	    cache_add (GETHOSTBYNAME, key_copy, req->key_len, data, total,
-		       data, 0, t, db);
+		       data, 0, t, db, owner);
 	  cache_add (GETHOSTBYNAMEv6, key_copy, req->key_len, data,
-		     total, data, 0, t, db);
+		     total, data, 0, t, db, owner);
 	}
 
       /* And finally the name.  We mark this as the last entry.  */
       if (addr_list_type == GETHOSTBYADDR)
 	cache_add (GETHOSTBYNAME, data->strdata, h_name_len, data, total, data,
-		   0, t, db);
+		   0, t, db, owner);
       cache_add (GETHOSTBYNAMEv6, data->strdata, h_name_len, data,
-		 total, data, 1, t, db);
+		 total, data, 1, t, db, owner);
 
       pthread_rwlock_unlock (&db->lock);
     }
@@ -282,7 +282,8 @@ cache_addhst (struct database *db, int fd, request_header *req, void *key,
 
 
 void
-addhstbyname (struct database *db, int fd, request_header *req, void *key)
+addhstbyname (struct database *db, int fd, request_header *req,
+	      void *key, uid_t uid)
 {
   /* Search for the entry matching the key.  Please note that we don't
      look again in the table whether the dataset is now available.  We
@@ -292,10 +293,17 @@ addhstbyname (struct database *db, int fd, request_header *req, void *key)
   char *buffer = alloca (buflen);
   struct hostent resultbuf;
   struct hostent *hst;
+  uid_t oldeuid = 0;
 
   if (debug_level > 0)
     dbg_log (_("Haven't found \"%s\" in hosts cache!"), key);
 
+  if (secure[hstdb])
+    {
+      oldeuid = geteuid ();
+      seteuid (uid);
+    }
+
   while (gethostbyname2_r (key, AF_INET, &resultbuf, buffer, buflen, &hst,
 			   &h_errno) != 0
 	 && h_errno == NETDB_INTERNAL
@@ -306,12 +314,16 @@ addhstbyname (struct database *db, int fd, request_header *req, void *key)
       buffer = alloca (buflen);
     }
 
-  cache_addhst (db, fd, req, key, hst);
+  if (secure[hstdb])
+    seteuid (uid);
+
+  cache_addhst (db, fd, req, key, hst, uid);
 }
 
 
 void
-addhstbyaddr (struct database *db, int fd, request_header *req, void *key)
+addhstbyaddr (struct database *db, int fd, request_header *req,
+	      void *key, uid_t uid)
 {
   /* Search for the entry matching the key.  Please note that we don't
      look again in the table whether the dataset is now available.  We
@@ -321,6 +333,7 @@ addhstbyaddr (struct database *db, int fd, request_header *req, void *key)
   char *buffer = alloca (buflen);
   struct hostent resultbuf;
   struct hostent *hst;
+  uid_t oldeuid = 0;
 
   if (debug_level > 0)
     {
@@ -329,6 +342,12 @@ addhstbyaddr (struct database *db, int fd, request_header *req, void *key)
 	       inet_ntop (AF_INET, key, buf, sizeof (buf)));
     }
 
+  if (secure[hstdb])
+    {
+      oldeuid = geteuid ();
+      seteuid (uid);
+    }
+
   while (gethostbyaddr_r (key, INADDRSZ, AF_INET, &resultbuf, buffer, buflen,
 			  &hst, &h_errno) != 0
 	 && h_errno == NETDB_INTERNAL
@@ -339,12 +358,16 @@ addhstbyaddr (struct database *db, int fd, request_header *req, void *key)
       buffer = alloca (buflen);
     }
 
-  cache_addhst (db, fd, req, key, hst);
+  if (secure[hstdb])
+    seteuid (oldeuid);
+
+  cache_addhst (db, fd, req, key, hst, uid);
 }
 
 
 void
-addhstbynamev6 (struct database *db, int fd, request_header *req, void *key)
+addhstbynamev6 (struct database *db, int fd, request_header *req,
+		void *key, uid_t uid)
 {
   /* Search for the entry matching the key.  Please note that we don't
      look again in the table whether the dataset is now available.  We
@@ -354,6 +377,7 @@ addhstbynamev6 (struct database *db, int fd, request_header *req, void *key)
   char *buffer = alloca (buflen);
   struct hostent resultbuf;
   struct hostent *hst;
+  uid_t oldeuid = 0;
 
   if (debug_level > 0)
     {
@@ -363,6 +387,12 @@ addhstbynamev6 (struct database *db, int fd, request_header *req, void *key)
 	       inet_ntop (AF_INET6, key, buf, sizeof (buf)));
     }
 
+  if (secure[hstdb])
+    {
+      oldeuid = geteuid ();
+      seteuid (uid);
+    }
+
   while (gethostbyname2_r (key, AF_INET6, &resultbuf, buffer, buflen, &hst,
 			   &h_errno) != 0
 	 && h_errno == NETDB_INTERNAL
@@ -373,12 +403,16 @@ addhstbynamev6 (struct database *db, int fd, request_header *req, void *key)
       buffer = alloca (buflen);
     }
 
-  cache_addhst (db, fd, req, key, hst);
+  if (secure[hstdb])
+    seteuid (oldeuid);
+
+  cache_addhst (db, fd, req, key, hst, uid);
 }
 
 
 void
-addhstbyaddrv6 (struct database *db, int fd, request_header *req, void *key)
+addhstbyaddrv6 (struct database *db, int fd, request_header *req,
+		void *key, uid_t uid)
 {
   /* Search for the entry matching the key.  Please note that we don't
      look again in the table whether the dataset is now available.  We
@@ -388,6 +422,7 @@ addhstbyaddrv6 (struct database *db, int fd, request_header *req, void *key)
   char *buffer = alloca (buflen);
   struct hostent resultbuf;
   struct hostent *hst;
+  uid_t oldeuid = 0;
 
   if (debug_level > 0)
     {
@@ -396,6 +431,12 @@ addhstbyaddrv6 (struct database *db, int fd, request_header *req, void *key)
 	       inet_ntop (AF_INET6, key, buf, sizeof (buf)));
     }
 
+  if (secure[hstdb])
+    {
+      oldeuid = geteuid ();
+      seteuid (uid);
+    }
+
   while (gethostbyaddr_r (key, IN6ADDRSZ, AF_INET6, &resultbuf, buffer, buflen,
 			  &hst, &h_errno) != 0
 	 && h_errno == NETDB_INTERNAL
@@ -406,5 +447,8 @@ addhstbyaddrv6 (struct database *db, int fd, request_header *req, void *key)
       buffer = alloca (buflen);
     }
 
-  cache_addhst (db, fd, req, key, hst);
+  if (secure[hstdb])
+    seteuid (oldeuid);
+
+  cache_addhst (db, fd, req, key, hst, uid);
 }
diff --git a/nscd/nscd.c b/nscd/nscd.c
index b2e5843a91..af5ce42be8 100644
--- a/nscd/nscd.c
+++ b/nscd/nscd.c
@@ -1,6 +1,6 @@
 /* Copyright (c) 1998, 1999 Free Software Foundation, Inc.
    This file is part of the GNU C Library.
-   Contributed by Thorsten Kukuk <kukuk@vt.uni-paderborn.de>, 1998.
+   Contributed by Thorsten Kukuk <kukuk@suse.de>, 1998.
 
    The GNU C Library is free software; you can redistribute it and/or
    modify it under the terms of the GNU Library General Public License as
@@ -58,10 +58,13 @@ typedef struct
 
 thread_info_t thread_info;
 
-int do_shutdown = 0;
-int disabled_passwd = 0;
-int disabled_group = 0;
+int do_shutdown;
+int disabled_passwd;
+int disabled_group;
 int go_background = 1;
+
+int secure[lastdb];
+int secure_in_use;
 static const char *conffile = _PATH_NSCDCONF;
 
 static int check_pid (const char *file);
@@ -81,6 +84,7 @@ static const struct argp_option options[] =
   { "nthreads", 't', N_("NUMBER"), 0, N_("Start NUMBER threads") },
   { "shutdown", 'K', NULL, 0, N_("Shut the server down") },
   { "statistic", 'g', NULL, 0, N_("Print current configuration statistic") },
+  { "secure", 'S', N_("TABLE,yes"), 0, N_("Use separate cache for each user")},
   { NULL, 0, NULL, 0, NULL }
 };
 
@@ -208,6 +212,15 @@ parse_opt (int key, char *arg, struct argp_state *state)
       nthreads = atol (arg);
       break;
 
+    case 'S':
+      if (strcmp (arg, "passwd,yes") == 0)
+	secure_in_use = secure[pwddb] = 1;
+      else if (strcmp (arg, "group,yes") == 0)
+	secure_in_use = secure[grpdb] = 1;
+      else if (strcmp (arg, "hosts,yes") == 0)
+	secure_in_use = secure[hstdb] = 1;
+      break;
+
     default:
       return ARGP_ERR_UNKNOWN;
     }
diff --git a/nscd/nscd.h b/nscd/nscd.h
index 9177235911..36fd1b3002 100644
--- a/nscd/nscd.h
+++ b/nscd/nscd.h
@@ -1,6 +1,6 @@
-/* Copyright (c) 1998 Free Software Foundation, Inc.
+/* Copyright (c) 1998, 1999 Free Software Foundation, Inc.
    This file is part of the GNU C Library.
-   Contributed by Thorsten Kukuk <kukuk@vt.uni-paderborn.de>, 1998.
+   Contributed by Thorsten Kukuk <kukuk@suse.de>, 1998.
 
    The GNU C Library is free software; you can redistribute it and/or
    modify it under the terms of the GNU Library General Public License as
@@ -46,6 +46,7 @@ struct hashentry
   request_type type;		/* Which type of dataset.  */
   size_t len;			/* Length of key.  */
   void *key;			/* Pointer to key.  */
+  uid_t owner;                  /* If secure table, this is the owner.  */
   struct hashentry *next;	/* Next entry in this hash bucket list.  */
   time_t timeout;		/* Time when this entry becomes invalid.  */
   ssize_t total;		/* Number of bytes in PACKET.  */
@@ -91,6 +92,9 @@ extern const struct iovec hst_iov_disabled;
 /* Number of threads to run.  */
 extern int nthreads;
 
+/* Tables for which we cache data with uid */
+extern int secure[lastdb];
+extern int secure_in_use; /* Is one of the above 1 ? */
 
 /* Prototypes for global functions.  */
 
@@ -112,33 +116,34 @@ extern int receive_print_stats (void);
 
 /* cache.c */
 extern struct hashentry *cache_search (int type, void *key, size_t len,
-				       struct database *table);
+				       struct database *table, uid_t owner);
 extern void cache_add (int type, void *key, size_t len,
 		       const void *packet, size_t iovtotal, void *data,
-		       int last, time_t t, struct database *table);
+		       int last, time_t t, struct database *table,
+		       uid_t owner);
 extern void prune_cache (struct database *table, time_t now);
 
 /* pwdcache.c */
 extern void addpwbyname (struct database *db, int fd, request_header *req,
-			 void *key);
+			 void *key, uid_t uid);
 extern void addpwbyuid (struct database *db, int fd, request_header *req,
-			void *key);
+			void *key, uid_t uid);
 
 /* grpcache.c */
 extern void addgrbyname (struct database *db, int fd, request_header *req,
-			 void *key);
+			 void *key, uid_t uid);
 extern void addgrbygid (struct database *db, int fd, request_header *req,
-			void *key);
+			void *key, uid_t uid);
 
 /* hstcache.c */
 extern void addhstbyname (struct database *db, int fd, request_header *req,
-			  void *key);
+			  void *key, uid_t uid);
 extern void addhstbyaddr (struct database *db, int fd, request_header *req,
-			  void *key);
+			  void *key, uid_t uid);
 extern void addhstbynamev6 (struct database *db, int fd, request_header *req,
-			    void *key);
+			    void *key, uid_t uid);
 extern void addhstbyaddrv6 (struct database *db, int fd, request_header *req,
-			    void *key);
+			    void *key, uid_t uid);
 
 
 #endif /* nscd.h */
diff --git a/nscd/pwdcache.c b/nscd/pwdcache.c
index 5bf89a75ba..a66cf4fe3d 100644
--- a/nscd/pwdcache.c
+++ b/nscd/pwdcache.c
@@ -1,5 +1,5 @@
 /* Cache handling for passwd lookup.
-   Copyright (C) 1998 Free Software Foundation, Inc.
+   Copyright (C) 1998, 1999 Free Software Foundation, Inc.
    This file is part of the GNU C Library.
    Contributed by Ulrich Drepper <drepper@cygnus.com>, 1998.
 
@@ -84,7 +84,7 @@ struct passwddata
 
 static void
 cache_addpw (struct database *db, int fd, request_header *req, void *key,
-	     struct passwd *pwd)
+	     struct passwd *pwd, uid_t owner)
 {
   ssize_t total;
   ssize_t written;
@@ -112,7 +112,7 @@ cache_addpw (struct database *db, int fd, request_header *req, void *key,
       pthread_rwlock_rdlock (&db->lock);
 
       cache_add (req->type, copy, req->key_len, &iov_notfound,
-		 sizeof (notfound), (void *) -1, 0, t, db);
+		 sizeof (notfound), (void *) -1, 0, t, db, owner);
 
       pthread_rwlock_unlock (&db->lock);
     }
@@ -175,9 +175,9 @@ cache_addpw (struct database *db, int fd, request_header *req, void *key,
 
       /* We have to add the value for both, byname and byuid.  */
       cache_add (GETPWBYNAME, data->strdata, pw_name_len, data,
-		 total, data, 0, t, db);
+		 total, data, 0, t, db, owner);
 
-      cache_add (GETPWBYUID, cp, n, data, total, data, 1, t, db);
+      cache_add (GETPWBYUID, cp, n, data, total, data, 1, t, db, owner);
 
       pthread_rwlock_unlock (&db->lock);
     }
@@ -192,7 +192,8 @@ cache_addpw (struct database *db, int fd, request_header *req, void *key,
 
 
 void
-addpwbyname (struct database *db, int fd, request_header *req, void *key)
+addpwbyname (struct database *db, int fd, request_header *req,
+	     void *key, uid_t c_uid)
 {
   /* Search for the entry matching the key.  Please note that we don't
      look again in the table whether the dataset is now available.  We
@@ -202,10 +203,17 @@ addpwbyname (struct database *db, int fd, request_header *req, void *key)
   char *buffer = alloca (buflen);
   struct passwd resultbuf;
   struct passwd *pwd;
+  uid_t oldeuid;
 
   if (debug_level > 0)
     dbg_log (_("Haven't found \"%s\" in password cache!"), key);
 
+  if (secure[pwddb])
+    {
+      oldeuid = geteuid ();
+      seteuid (c_uid);
+    }
+
   while (getpwnam_r (key, &resultbuf, buffer, buflen, &pwd) != 0
 	 && errno == ERANGE)
     {
@@ -214,12 +222,16 @@ addpwbyname (struct database *db, int fd, request_header *req, void *key)
       buffer = alloca (buflen);
     }
 
-  cache_addpw (db, fd, req, key, pwd);
+  if (secure[pwddb])
+    seteuid (c_uid);
+
+  cache_addpw (db, fd, req, key, pwd, c_uid);
 }
 
 
 void
-addpwbyuid (struct database *db, int fd, request_header *req, void *key)
+addpwbyuid (struct database *db, int fd, request_header *req,
+	    void *key, uid_t c_uid)
 {
   /* Search for the entry matching the key.  Please note that we don't
      look again in the table whether the dataset is now available.  We
@@ -230,10 +242,17 @@ addpwbyuid (struct database *db, int fd, request_header *req, void *key)
   struct passwd resultbuf;
   struct passwd *pwd;
   uid_t uid = atol (key);
+  uid_t oldeuid = 0;
 
   if (debug_level > 0)
     dbg_log (_("Haven't found \"%d\" in password cache!"), uid);
 
+  if (secure[pwddb])
+    {
+      oldeuid = geteuid ();
+      seteuid (c_uid);
+    }
+
   while (getpwuid_r (uid, &resultbuf, buffer, buflen, &pwd) != 0
 	 && errno == ERANGE)
     {
@@ -242,5 +261,8 @@ addpwbyuid (struct database *db, int fd, request_header *req, void *key)
       buffer = alloca (buflen);
     }
 
-  cache_addpw (db, fd, req, key, pwd);
+  if (secure[pwddb])
+    seteuid (oldeuid);
+
+  cache_addpw (db, fd, req, key, pwd, c_uid);
 }