diff options
| author | Ulrich Drepper <drepper@redhat.com> | 1999-06-11 20:58:21 +0000 |
|---|---|---|
| committer | Ulrich Drepper <drepper@redhat.com> | 1999-06-11 20:58:21 +0000 |
| commit | a1c542bfc5684d914cf2af2c3ec9d5432d0b01dc (patch) | |
| tree | d9b4c2f7304ab104283cee33d80f280c8950b7d6 /nscd/nscd.c | |
| parent | 9be8ed9e947e91d83663739406bd04e351c0897e (diff) | |
| download | glibc-a1c542bfc5684d914cf2af2c3ec9d5432d0b01dc.tar.gz glibc-a1c542bfc5684d914cf2af2c3ec9d5432d0b01dc.tar.xz glibc-a1c542bfc5684d914cf2af2c3ec9d5432d0b01dc.zip | |
Update.
1999-06-11 Thorsten Kukuk <kukuk@suse.de> * nscd/nscd.c: Add -S options for separate caching of data for every user. So one user couldn't see the data another user has gotten with his credentials. * nscd/nscd.h: Add new prototypes. * nscd/cache.c: Compare owner of cache entry if in secure mode. * nscd/connections.c: Check on shutdown if caller really was root. In secure mode get uid of caller. * nscd/grpcache.c: Add support for new secure group mode. * nscd/hstcache.c: Add support for new secure hosts mode. * nscd/pwdcache.c: Add support for new secure passwd mode.
Diffstat (limited to 'nscd/nscd.c')
| -rw-r--r-- | nscd/nscd.c | 21 |
1 files changed, 17 insertions, 4 deletions
diff --git a/nscd/nscd.c b/nscd/nscd.c index b2e5843a91..af5ce42be8 100644 --- a/nscd/nscd.c +++ b/nscd/nscd.c @@ -1,6 +1,6 @@ /* Copyright (c) 1998, 1999 Free Software Foundation, Inc. This file is part of the GNU C Library. - Contributed by Thorsten Kukuk <kukuk@vt.uni-paderborn.de>, 1998. + Contributed by Thorsten Kukuk <kukuk@suse.de>, 1998. The GNU C Library is free software; you can redistribute it and/or modify it under the terms of the GNU Library General Public License as @@ -58,10 +58,13 @@ typedef struct thread_info_t thread_info; -int do_shutdown = 0; -int disabled_passwd = 0; -int disabled_group = 0; +int do_shutdown; +int disabled_passwd; +int disabled_group; int go_background = 1; + +int secure[lastdb]; +int secure_in_use; static const char *conffile = _PATH_NSCDCONF; static int check_pid (const char *file); @@ -81,6 +84,7 @@ static const struct argp_option options[] = { "nthreads", 't', N_("NUMBER"), 0, N_("Start NUMBER threads") }, { "shutdown", 'K', NULL, 0, N_("Shut the server down") }, { "statistic", 'g', NULL, 0, N_("Print current configuration statistic") }, + { "secure", 'S', N_("TABLE,yes"), 0, N_("Use separate cache for each user")}, { NULL, 0, NULL, 0, NULL } }; @@ -208,6 +212,15 @@ parse_opt (int key, char *arg, struct argp_state *state) nthreads = atol (arg); break; + case 'S': + if (strcmp (arg, "passwd,yes") == 0) + secure_in_use = secure[pwddb] = 1; + else if (strcmp (arg, "group,yes") == 0) + secure_in_use = secure[grpdb] = 1; + else if (strcmp (arg, "hosts,yes") == 0) + secure_in_use = secure[hstdb] = 1; + break; + default: return ARGP_ERR_UNKNOWN; } |