aboutsummaryrefslogtreecommitdiff
path: root/nscd/nscd.c
diff options
context:
space:
mode:
authorUlrich Drepper <drepper@redhat.com>1999-06-11 20:58:21 +0000
committerUlrich Drepper <drepper@redhat.com>1999-06-11 20:58:21 +0000
commita1c542bfc5684d914cf2af2c3ec9d5432d0b01dc (patch)
treed9b4c2f7304ab104283cee33d80f280c8950b7d6 /nscd/nscd.c
parent9be8ed9e947e91d83663739406bd04e351c0897e (diff)
downloadglibc-a1c542bfc5684d914cf2af2c3ec9d5432d0b01dc.tar
glibc-a1c542bfc5684d914cf2af2c3ec9d5432d0b01dc.tar.gz
glibc-a1c542bfc5684d914cf2af2c3ec9d5432d0b01dc.tar.bz2
glibc-a1c542bfc5684d914cf2af2c3ec9d5432d0b01dc.zip
Update.
1999-06-11 Thorsten Kukuk <kukuk@suse.de> * nscd/nscd.c: Add -S options for separate caching of data for every user. So one user couldn't see the data another user has gotten with his credentials. * nscd/nscd.h: Add new prototypes. * nscd/cache.c: Compare owner of cache entry if in secure mode. * nscd/connections.c: Check on shutdown if caller really was root. In secure mode get uid of caller. * nscd/grpcache.c: Add support for new secure group mode. * nscd/hstcache.c: Add support for new secure hosts mode. * nscd/pwdcache.c: Add support for new secure passwd mode.
Diffstat (limited to 'nscd/nscd.c')
-rw-r--r--nscd/nscd.c21
1 files changed, 17 insertions, 4 deletions
diff --git a/nscd/nscd.c b/nscd/nscd.c
index b2e5843a91..af5ce42be8 100644
--- a/nscd/nscd.c
+++ b/nscd/nscd.c
@@ -1,6 +1,6 @@
/* Copyright (c) 1998, 1999 Free Software Foundation, Inc.
This file is part of the GNU C Library.
- Contributed by Thorsten Kukuk <kukuk@vt.uni-paderborn.de>, 1998.
+ Contributed by Thorsten Kukuk <kukuk@suse.de>, 1998.
The GNU C Library is free software; you can redistribute it and/or
modify it under the terms of the GNU Library General Public License as
@@ -58,10 +58,13 @@ typedef struct
thread_info_t thread_info;
-int do_shutdown = 0;
-int disabled_passwd = 0;
-int disabled_group = 0;
+int do_shutdown;
+int disabled_passwd;
+int disabled_group;
int go_background = 1;
+
+int secure[lastdb];
+int secure_in_use;
static const char *conffile = _PATH_NSCDCONF;
static int check_pid (const char *file);
@@ -81,6 +84,7 @@ static const struct argp_option options[] =
{ "nthreads", 't', N_("NUMBER"), 0, N_("Start NUMBER threads") },
{ "shutdown", 'K', NULL, 0, N_("Shut the server down") },
{ "statistic", 'g', NULL, 0, N_("Print current configuration statistic") },
+ { "secure", 'S', N_("TABLE,yes"), 0, N_("Use separate cache for each user")},
{ NULL, 0, NULL, 0, NULL }
};
@@ -208,6 +212,15 @@ parse_opt (int key, char *arg, struct argp_state *state)
nthreads = atol (arg);
break;
+ case 'S':
+ if (strcmp (arg, "passwd,yes") == 0)
+ secure_in_use = secure[pwddb] = 1;
+ else if (strcmp (arg, "group,yes") == 0)
+ secure_in_use = secure[grpdb] = 1;
+ else if (strcmp (arg, "hosts,yes") == 0)
+ secure_in_use = secure[hstdb] = 1;
+ break;
+
default:
return ARGP_ERR_UNKNOWN;
}