From 56d7341763046244bce789f1355441345711958c Mon Sep 17 00:00:00 2001 From: Christian Grothoff Date: Sat, 30 Nov 2019 23:32:03 +0100 Subject: [PATCH] disable NSS for root --- src/gns/nss/nss_gns_query.c | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/src/gns/nss/nss_gns_query.c b/src/gns/nss/nss_gns_query.c index 4f5f06cfa..7b69282cb 100644 --- a/src/gns/nss/nss_gns_query.c +++ b/src/gns/nss/nss_gns_query.c @@ -63,6 +63,8 @@ gns_resolve_name (int af, const char *name, struct userdata *u) int out[2]; pid_t pid; + if (0 == getuid ()) + return -2; /* GNS via NSS is NEVER for root */ if (0 != pipe (out)) return -1; pid = fork (); @@ -71,9 +73,9 @@ gns_resolve_name (int af, const char *name, struct userdata *u) if (0 == pid) { char *argv[] = { "gnunet-gns", - "-r", //Raw output for easier parsing + "-r", /* Raw output for easier parsing */ #ifdef LSD001 - "-d", //DNS compatibility (allow IDNA names, no UTF-8) + "-d", /* DNS compatibility (allow IDNA names, no UTF-8) */ #endif "-t", (AF_INET6 == af) ? "AAAA" : "A", -- 2.25.1