Arthur de Jong

Open Source / Free Software developer

summaryrefslogtreecommitdiffstats
path: root/nslcd/nslcd.c
diff options
context:
space:
mode:
Diffstat (limited to 'nslcd/nslcd.c')
-rw-r--r--nslcd/nslcd.c12
1 files changed, 7 insertions, 5 deletions
diff --git a/nslcd/nslcd.c b/nslcd/nslcd.c
index 0d0590e..f7341e3 100644
--- a/nslcd/nslcd.c
+++ b/nslcd/nslcd.c
@@ -377,9 +377,9 @@ static void handleconnection(int sock,MYLDAP_SESSION *session)
TFILE *fp;
int32_t action;
struct timeval readtimeout,writetimeout;
- uid_t uid;
- gid_t gid;
- pid_t pid;
+ uid_t uid=(uid_t)-1;
+ gid_t gid=(gid_t)-1;
+ pid_t pid=(pid_t)-1;
/* log connection */
if (getpeercred(sock,&uid,&gid,&pid))
log_log(LOG_DEBUG,"connection from unknown client: %s",strerror(errno));
@@ -437,8 +437,10 @@ static void handleconnection(int sock,MYLDAP_SESSION *session)
case NSLCD_ACTION_SERVICE_BYNAME: (void)nslcd_service_byname(fp,session); break;
case NSLCD_ACTION_SERVICE_BYNUMBER: (void)nslcd_service_bynumber(fp,session); break;
case NSLCD_ACTION_SERVICE_ALL: (void)nslcd_service_all(fp,session); break;
- case NSLCD_ACTION_SHADOW_BYNAME: if (uid==0) (void)nslcd_shadow_byname(fp,session); break;
- case NSLCD_ACTION_SHADOW_ALL: if (uid==0) (void)nslcd_shadow_all(fp,session); break;
+ case NSLCD_ACTION_SHADOW_BYNAME: if (uid==0) (void)nslcd_shadow_byname(fp,session);
+ else log_log(LOG_DEBUG,"denied shadow request by non-root user"); break;
+ case NSLCD_ACTION_SHADOW_ALL: if (uid==0) (void)nslcd_shadow_all(fp,session);
+ else log_log(LOG_DEBUG,"denied shadow request by non-root user"); break;
case NSLCD_ACTION_PAM_AUTHC: (void)nslcd_pam_authc(fp,session,uid); break;
case NSLCD_ACTION_PAM_AUTHZ: (void)nslcd_pam_authz(fp,session); break;
case NSLCD_ACTION_PAM_SESS_O: (void)nslcd_pam_sess_o(fp,session); break;