ph10@??? said:
> (2) Invent a notional flag that is set for certain options,
> restricting them to admin users only. This is not a huge amount of
> work, and I think there are only a few such options:
...
> all the query or queries options, because they can contain
> password information in LDAP queries
Isn't that anything thats an expanded string, host list or domain list
included there? Thats quite a lot....
You could special case -bP - *before* reading the config, if the
command is a -bP, setuid() to the invoking UID. Then you decide on
config visisbility by config file permissions.
Nigel.
--
[ - Opinions expressed are personal and may not be shared by VData - ]
[ Nigel Metheringham Nigel.Metheringham@??? ]
[ Phone: +44 1423 850000 Fax +44 1423 858866 ]