lib/glibc
1
0
Fork 0
mirror of https://sourceware.org/git/glibc.git synced 2025-09-11 12:10:50 +03:00
Code Activity

Update.

Browse Source 
1999-06-11  Thorsten Kukuk  <kukuk@suse.de>

	* nscd/nscd.c: Add -S options for separate caching of data for
	every user. So one user couldn't see the data another user
	has gotten with his credentials.
	* nscd/nscd.h: Add new prototypes.
	* nscd/cache.c: Compare owner of cache entry if in secure mode.
	* nscd/connections.c: Check on shutdown if caller really was root.
	In secure mode get uid of caller.
	* nscd/grpcache.c: Add support for new secure group mode.
	* nscd/hstcache.c: Add support for new secure hosts mode.
	* nscd/pwdcache.c: Add support for new secure passwd mode.
This commit is contained in:
Ulrich Drepper
1999-06-11 20:58:21 +00:00
parent 9be8ed9e94
commit a1c542bfc5
8 changed files with 225 additions and 67 deletions
Download Patch File Download Diff File Expand all files Collapse all files

38
nscd/grpcache.c
View File

@@ -77,7 +77,7 @@ struct groupdata
static void
cache_addgr (struct database *db, int fd, request_header *req, void *key,
struct group *grp)
struct group *grp, uid_t owner)
{
ssize_t total;
ssize_t written;
@@ -105,7 +105,7 @@ cache_addgr (struct database *db, int fd, request_header *req, void *key,
pthread_rwlock_rdlock (&db->lock);
cache_add (req->type, copy, req->key_len, &iov_notfound,
sizeof (notfound), (void *) -1, 0, t, db);
sizeof (notfound), (void *) -1, 0, t, db, owner);
pthread_rwlock_unlock (&db->lock);
}
@@ -177,9 +177,9 @@ cache_addgr (struct database *db, int fd, request_header *req, void *key,
/* We have to add the value for both, byname and byuid. */
cache_add (GETGRBYNAME, gr_name, gr_name_len, data,
total, data, 0, t, db);
total, data, 0, t, db, owner);
cache_add (GETGRBYGID, cp, n, data, total, data, 1, t, db);
cache_add (GETGRBYGID, cp, n, data, total, data, 1, t, db, owner);
pthread_rwlock_unlock (&db->lock);
}
@@ -194,7 +194,8 @@ cache_addgr (struct database *db, int fd, request_header *req, void *key,
void
addgrbyname (struct database *db, int fd, request_header *req, void *key)
addgrbyname (struct database *db, int fd, request_header *req,
void *key, uid_t uid)
{
/* Search for the entry matching the key. Please note that we don't
look again in the table whether the dataset is now available. We
@@ -204,10 +205,17 @@ addgrbyname (struct database *db, int fd, request_header *req, void *key)
char *buffer = alloca (buflen);
struct group resultbuf;
struct group *grp;
uid_t oldeuid = 0;
if (debug_level > 0)
dbg_log (_("Haven't found \"%s\" in group cache!"), key);
if (secure[grpdb])
{
oldeuid = geteuid ();
seteuid (uid);
}
while (getgrnam_r (key, &resultbuf, buffer, buflen, &grp) != 0
&& errno == ERANGE)
{
@@ -216,12 +224,16 @@ addgrbyname (struct database *db, int fd, request_header *req, void *key)
buffer = alloca (buflen);
}
cache_addgr (db, fd, req, key, grp);
if (secure[grpdb])
seteuid (oldeuid);
cache_addgr (db, fd, req, key, grp, uid);
}
void
addgrbygid (struct database *db, int fd, request_header *req, void *key)
addgrbygid (struct database *db, int fd, request_header *req,
void *key, uid_t uid)
{
/* Search for the entry matching the key. Please note that we don't
look again in the table whether the dataset is now available. We
@@ -232,10 +244,17 @@ addgrbygid (struct database *db, int fd, request_header *req, void *key)
struct group resultbuf;
struct group *grp;
gid_t gid = atol (key);
uid_t oldeuid = 0;
if (debug_level > 0)
dbg_log (_("Haven't found \"%d\" in group cache!"), gid);
if (secure[grpdb])
{
oldeuid = geteuid ();
seteuid (uid);
}
while (getgrgid_r (gid, &resultbuf, buffer, buflen, &grp) != 0
&& errno == ERANGE)
{
@@ -244,5 +263,8 @@ addgrbygid (struct database *db, int fd, request_header *req, void *key)
buffer = alloca (buflen);
}
cache_addgr (db, fd, req, key, grp);
if (secure[grpdb])
seteuid (oldeuid);
cache_addgr (db, fd, req, key, grp, uid);
}