ndb/cs, ndb/dns: ignore special commands from users different from the one we run the service owner

this prevents users like "none" from toggling special options in ndb/dns
and ndb/cs.
This commit is contained in:
cinap_lenrek 2013-06-14 19:20:06 +02:00
parent 249915c379
commit 2e0fac766c
2 changed files with 14 additions and 1 deletions

View file

@ -87,6 +87,7 @@ int *isslave; /* *isslave non-zero means this is a slave process */
long active; /* number of active slaves */
char *dbfile;
Ndb *db, *netdb;
char *csuser;
void rversion(Job*);
void rflush(Job*);
@ -266,6 +267,7 @@ main(int argc, char *argv[])
netinit(0);
if(!justsetname){
csuser = estrdup(getuser());
mountinit(servefile, mntpt);
io();
}
@ -779,6 +781,9 @@ rwrite(Job *job, Mfile *mf)
}
job->request.data[cnt] = 0;
if(strcmp(mf->user, "none") == 0 || strcmp(mf->user, csuser) != 0)
goto query; /* skip special commands if not owner */
/*
* toggle debugging
*/
@ -825,6 +830,7 @@ rwrite(Job *job, Mfile *mf)
goto send;
}
query:
if(mf->ref){
err = "query already in progress";
goto send;

View file

@ -77,6 +77,7 @@ char *zonerefreshprogram;
char *logfile = "dns"; /* or "dns.test" */
char *dbfile;
char *dnsuser;
char mntpt[Maxpath];
int addforwtarg(char *);
@ -198,6 +199,7 @@ main(int argc, char *argv[])
opendatabase();
now = time(nil); /* open time files before we fork */
nowns = nsec();
dnsuser = estrdup(getuser());
snprint(servefile, sizeof servefile, "#s/dns%s", ext);
dir = dirstat(servefile);
@ -717,10 +719,14 @@ rwrite(Job *job, Mfile *mf, Request *req)
if(cnt > 0 && job->request.data[cnt-1] == '\n')
job->request.data[cnt-1] = 0;
if(strcmp(mf->user, "none") == 0 || strcmp(mf->user, dnsuser) != 0)
goto query; /* skip special commands if not owner */
/*
* special commands
*/
// dnslog("rwrite got: %s", job->request.data);
if(debug)
dnslog("rwrite got: %s", job->request.data);
send = 1;
if(strcmp(job->request.data, "debug")==0)
debug ^= 1;
@ -744,6 +750,7 @@ rwrite(Job *job, Mfile *mf, Request *req)
if (send)
goto send;
query:
/*
* kill previous reply
*/