On Thu, 17 Nov 2005, John-Mark Gurney wrote:

> Hartmut Brandt wrote this message on Thu, Nov 17, 2005 at 12:19 +0000:
> > harti 2005-11-17 12:19:19 UTC
> >
> > FreeBSD src repository
> >
> > Modified files:
> > usr.sbin/rpc.lockd kern.c
> > Log:
> > When a user is in more than 16 groups the call to authunix_create() will
> > result in abort() being called. This is because there is a limit of
> > the number of groups in the RPC which is 16. When the actual number of
> > groups is too large it results in xdr_array() returning an error which,
> > in turn, authunix_create() handles by just calling abort().
> >
> > Fix this by passing only the first 16 groups to authunix_create().
>
> Can't this cause problems with files that have a mode of 0604? Since
> normally the user would be unable to read it, but if the group gets
> dropped, then he is now able to access or lock the file? I don't know
> what the groups are used for, but silently dropping groups sounds bad to
> me...

Yes, but it's not at all clear what one is to do about it, other than to
document that if you change the max groups constant and use groups above
the max supported by that RPC auth type, you will have problems.
Robert N M Watson
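
The mode 0604 concern from the quoted reply, modelled as an added example (not code from this thread or from rpc.lockd): it compares a read decision made with the full group list against one made with only the first 16 groups. It assumes the receiving side applies the classic owner/group/other check to the groups in the credential; the gids, uids and helper names are constructed for illustration.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>
#include <sys/types.h>

#define AUTH_UNIX_MAX_GROUPS 16 /* RPC group limit stated in the commit log */

/* Constructed sample: a user in 17 groups; the last one is beyond the limit. */
static const gid_t sample_groups[17] = {
    1000, 1001, 1002, 1003, 1004, 1005, 1006, 1007, 1008,
    1009, 1010, 1011, 1012, 1013, 1014, 1015, 1016 };

/* Hypothetical helper: how many groups survive the clamp from the commit. */
static size_t clamp_groups(size_t n)
{
    return n > AUTH_UNIX_MAX_GROUPS ? AUTH_UNIX_MAX_GROUPS : n;
}

/* Owner/group/other read check: the first class that matches decides. */
static bool may_read(mode_t mode, uid_t fuid, gid_t fgid,
                     uid_t uid, const gid_t *groups, size_t n)
{
    if (uid == fuid)
        return (mode & 0400) != 0;
    for (size_t i = 0; i < n; i++)
        if (groups[i] == fgid)
            return (mode & 0040) != 0;
    return (mode & 0004) != 0;
}

/* True when sending only the clamped list flips the read decision. */
static bool truncation_changes_access(mode_t mode, uid_t fuid, gid_t fgid,
                                      uid_t uid, const gid_t *groups, size_t n)
{
    return may_read(mode, fuid, fgid, uid, groups, n) !=
           may_read(mode, fuid, fgid, uid, groups, clamp_groups(n));
}

int main(void)
{
    /* File owned by uid 0, group 1016, mode 0604; caller is uid 2000. */
    bool flip = truncation_changes_access(0604, 0, 1016, 2000, sample_groups, 17);
    printf("mode 0604, group 1016: decision %s\n", flip ? "changes" : "unchanged");
    return 0;
}
```

Only modes where the group bits grant less than the other bits are affected, so a check like this can be used to audit which files and users would see a different result once the list is clamped.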