From 540009244c7c9f1aec64af6fb1efba7245ed8bb3 Mon Sep 17 00:00:00 2001 From: Ulrich Drepper Date: Tue, 15 Jun 1999 11:54:33 +0000 Subject: Update. 1999-06-14 Thorsten Kukuk * nscd/connections.c (handle_request): Only root is allowed to send GETSTAT request in non secure mode. * nscd/nscd.c: Print error message if other then root try to use getstat. 1999-06-15 Andreas Jaeger * sysdeps/unix/sysv/linux/alpha/syscalls.list: Add __sysctl. 1999-06-15 Andreas Jaeger * manual/time.texi (Limits on Resources): Describe RLIMIT_AS. Closes PR libc/1164, reported by sascha@schumann.2ns.de. --- nscd/connections.c | 22 +++++++++++++++------- nscd/nscd.c | 2 ++ 2 files changed, 17 insertions(+), 7 deletions(-) (limited to 'nscd') diff --git a/nscd/connections.c b/nscd/connections.c index 4daa09926d..9d1b4d366e 100644 --- a/nscd/connections.c +++ b/nscd/connections.c @@ -311,13 +311,15 @@ cannot handle old request version %d; current version is %d"), break; case GETSTAT: - send_stats (fd, dbs); - break; - case SHUTDOWN: - /* Accept shutdown only from root */ + /* Accept shutdown and getstat only from root */ if (secure_in_use && uid == 0) - termination_handler (0); + { + if (req->type == GETSTAT) + send_stats (fd, dbs); + else + termination_handler (0); + } else { struct ucred caller; @@ -330,8 +332,14 @@ cannot handle old request version %d; current version is %d"), dbg_log (_("error getting callers id: %s"), strerror_r (errno, buf, sizeof (buf))); } - else if (caller.uid == 0) - termination_handler (0); + else + if (caller.uid == 0) + { + if (req->type == GETSTAT) + send_stats (fd, dbs); + else + termination_handler (0); + } } break; diff --git a/nscd/nscd.c b/nscd/nscd.c index af5ce42be8..8c61406d2f 100644 --- a/nscd/nscd.c +++ b/nscd/nscd.c @@ -205,6 +205,8 @@ parse_opt (int key, char *arg, struct argp_state *state) } case 'g': + if (getuid () != 0) + error (EXIT_FAILURE, 0, _("Only root is allowed to use this option!")); receive_print_stats (); /* Does not return. */ -- cgit v1.2.3