On Thu, 17 Nov 2005, John-Mark Gurney wrote:
Hartmut Brandt wrote this message on Thu, Nov 17, 2005 at 12:19 +0000:harti 2005-11-17 12:19:19 UTC FreeBSD src repository Modified files: usr.sbin/rpc.lockd kern.c Log: When a user is in more than 16 groups the call to authunix_create() will result in abort() beeing called. This is because there is a limit of the number of groups in the RPC which is 16. When the actual number of groups is too large it results in xdr_array() returning an error which, in turn, authunix_create() handles by just calling abort(). Fix this by passing only the first 16 groups to authunix_create().Can't this cause problems with files that have a mode of 0604? Since normally the user would be unable to read it, but if the group gets dropped, then he is now able to access or lock the file? I don't know what the groups are used, but silently dropping groups sounds bad to me...
Yes, but it's not at all clear what one is to do about it, other than to document that if you change the max groups constant and use groups above the max supported by that RPC auth type, you will have problems.
Robert N M Watson _______________________________________________ cvs-all@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/cvs-all To unsubscribe, send any mail to "[EMAIL PROTECTED]"
