ndb/cs, ndb/dns: ignore special commands from users different from the one we run the service owner
this prevents users like "none" from toggling special options in ndb/dns and ndb/cs.
This commit is contained in:
cinap_lenrek
parent
249915c379
commit
2e0fac766c
|
|
@ -87,6 +87,7 @@ int *isslave; /* *isslave non-zero means this is a slave process */
|
|||
long active; /* number of active slaves */
|
||||
char *dbfile;
|
||||
Ndb *db, *netdb;
|
||||
char *csuser;
|
||||
|
||||
void rversion(Job*);
|
||||
void rflush(Job*);
|
||||
|
|
@ -266,6 +267,7 @@ main(int argc, char *argv[])
|
|||
netinit(0);
|
||||
|
||||
if(!justsetname){
|
||||
csuser = estrdup(getuser());
|
||||
mountinit(servefile, mntpt);
|
||||
io();
|
||||
}
|
||||
|
|
@ -779,6 +781,9 @@ rwrite(Job *job, Mfile *mf)
|
|||
}
|
||||
job->request.data[cnt] = 0;
|
||||
|
||||
if(strcmp(mf->user, "none") == 0 || strcmp(mf->user, csuser) != 0)
|
||||
goto query; /* skip special commands if not owner */
|
||||
|
||||
/*
|
||||
* toggle debugging
|
||||
*/
|
||||
|
|
@ -825,6 +830,7 @@ rwrite(Job *job, Mfile *mf)
|
|||
goto send;
|
||||
}
|
||||
|
||||
query:
|
||||
if(mf->ref){
|
||||
err = "query already in progress";
|
||||
goto send;
|
||||
|
|
|
|||
|
|
@ -77,6 +77,7 @@ char *zonerefreshprogram;
|
|||
|
||||
char *logfile = "dns"; /* or "dns.test" */
|
||||
char *dbfile;
|
||||
char *dnsuser;
|
||||
char mntpt[Maxpath];
|
||||
|
||||
int addforwtarg(char *);
|
||||
|
|
@ -198,6 +199,7 @@ main(int argc, char *argv[])
|
|||
opendatabase();
|
||||
now = time(nil); /* open time files before we fork */
|
||||
nowns = nsec();
|
||||
dnsuser = estrdup(getuser());
|
||||
|
||||
snprint(servefile, sizeof servefile, "#s/dns%s", ext);
|
||||
dir = dirstat(servefile);
|
||||
|
|
@ -717,10 +719,14 @@ rwrite(Job *job, Mfile *mf, Request *req)
|
|||
if(cnt > 0 && job->request.data[cnt-1] == '\n')
|
||||
job->request.data[cnt-1] = 0;
|
||||
|
||||
if(strcmp(mf->user, "none") == 0 || strcmp(mf->user, dnsuser) != 0)
|
||||
goto query; /* skip special commands if not owner */
|
||||
|
||||
/*
|
||||
* special commands
|
||||
*/
|
||||
// dnslog("rwrite got: %s", job->request.data);
|
||||
if(debug)
|
||||
dnslog("rwrite got: %s", job->request.data);
|
||||
send = 1;
|
||||
if(strcmp(job->request.data, "debug")==0)
|
||||
debug ^= 1;
|
||||
|
|
@ -744,6 +750,7 @@ rwrite(Job *job, Mfile *mf, Request *req)
|
|||
if (send)
|
||||
goto send;
|
||||
|
||||
query:
|
||||
/*
|
||||
* kill previous reply
|
||||
*/
|
||||
|
|
|
|||
Loading…
Reference in a new issue