diff options
| author | cinap_lenrek <cinap_lenrek@gmx.de> | 2013-06-14 19:20:06 +0200 |
|---|---|---|
| committer | cinap_lenrek <cinap_lenrek@gmx.de> | 2013-06-14 19:20:06 +0200 |
| commit | 2e0fac766c44301086d98910555ba351778cfb52 (patch) | |
| tree | 13c20c8e9f2dd5f85b35b06c74b3ba6c6a71add5 /sys/src/cmd/ndb | |
| parent | 249915c3795858582dbf5b0f1e1533b50b90737d (diff) | |
ndb/cs, ndb/dns: ignore special commands from users different from the one we run the service owner
this prevents users like "none" from toggling special options in ndb/dns
and ndb/cs.
Diffstat (limited to 'sys/src/cmd/ndb')
| -rw-r--r-- | sys/src/cmd/ndb/cs.c | 6 | ||||
| -rw-r--r-- | sys/src/cmd/ndb/dns.c | 9 |
2 files changed, 14 insertions, 1 deletions
diff --git a/sys/src/cmd/ndb/cs.c b/sys/src/cmd/ndb/cs.c index 4e0ed17d6..f760c8f39 100644 --- a/sys/src/cmd/ndb/cs.c +++ b/sys/src/cmd/ndb/cs.c @@ -87,6 +87,7 @@ int *isslave; /* *isslave non-zero means this is a slave process */ long active; /* number of active slaves */ char *dbfile; Ndb *db, *netdb; +char *csuser; void rversion(Job*); void rflush(Job*); @@ -266,6 +267,7 @@ main(int argc, char *argv[]) netinit(0); if(!justsetname){ + csuser = estrdup(getuser()); mountinit(servefile, mntpt); io(); } @@ -779,6 +781,9 @@ rwrite(Job *job, Mfile *mf) } job->request.data[cnt] = 0; + if(strcmp(mf->user, "none") == 0 || strcmp(mf->user, csuser) != 0) + goto query; /* skip special commands if not owner */ + /* * toggle debugging */ @@ -825,6 +830,7 @@ rwrite(Job *job, Mfile *mf) goto send; } +query: if(mf->ref){ err = "query already in progress"; goto send; diff --git a/sys/src/cmd/ndb/dns.c b/sys/src/cmd/ndb/dns.c index 8fc4f5167..32bae4040 100644 --- a/sys/src/cmd/ndb/dns.c +++ b/sys/src/cmd/ndb/dns.c @@ -77,6 +77,7 @@ char *zonerefreshprogram; char *logfile = "dns"; /* or "dns.test" */ char *dbfile; +char *dnsuser; char mntpt[Maxpath]; int addforwtarg(char *); @@ -198,6 +199,7 @@ main(int argc, char *argv[]) opendatabase(); now = time(nil); /* open time files before we fork */ nowns = nsec(); + dnsuser = estrdup(getuser()); snprint(servefile, sizeof servefile, "#s/dns%s", ext); dir = dirstat(servefile); @@ -717,10 +719,14 @@ rwrite(Job *job, Mfile *mf, Request *req) if(cnt > 0 && job->request.data[cnt-1] == '\n') job->request.data[cnt-1] = 0; + if(strcmp(mf->user, "none") == 0 || strcmp(mf->user, dnsuser) != 0) + goto query; /* skip special commands if not owner */ + /* * special commands */ -// dnslog("rwrite got: %s", job->request.data); + if(debug) + dnslog("rwrite got: %s", job->request.data); send = 1; if(strcmp(job->request.data, "debug")==0) debug ^= 1; @@ -744,6 +750,7 @@ rwrite(Job *job, Mfile *mf, Request *req) if (send) goto send; +query: /* * kill previous reply */ |