On Mon, Oct 12, 2009 at 05:47:12PM +0200, Casper.Dik at Sun.COM wrote:
> >If you use NTFS ACLs that include deny entries this differs.

That's true, but there's just not much we can do about AUTH_SYS, and as
Casper says, "AUTH_SYS is a security risk in itself".

> >As we are talking about older NFS versions that do not support NTFS ACLs,
> >it seems to be not a security risk to truncate the list.

NFSv4 ACLs are very much like NTFS ACLs, particularly in that they can
have DENY ACEs.

> The only other issue is that truncating may cause unexplained permission
> issues. However, not truncating the gid list requires the administrator
> to give all users at most 16 groups or they won't be able to use NFS.

Specifically it may cause non-deterministic behavior. Sorting the group
list will cause deterministic behavior, but that is probably worse.

Ideally we could just wave our hands and make AUTH_SYS go away. But we
can't. What we can do though is this: the NFS server could look up the
group memberships of the UID asserted by an AUTH_SYS client.

Nico
--
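The following is an added illustration, not code from this thread or from the Sun NFS implementation. It encodes and decodes the AUTH_SYS credential body as laid out in RFC 5531 (authsys_parms: stamp, machinename, uid, gid, and at most 16 supplementary gids), shows why client-side truncation of a larger group list is non-deterministic (two clients whose getgroups() order differs send different 16-gid subsets for the same user), and implements the alternative raised in the mail: the server computes the group set from the asserted uid against its own passwd/group database and ignores the client's list. The passwd/group tables and the user "alice" with 20 supplementary groups are constructed sample data; the helper names are the example's own. Note the caveat the thread already makes: the uid itself is still whatever the client asserts, so this changes nothing about AUTH_SYS being a security risk in itself.

```python
"""AUTH_SYS credential handling and the 16-gid limit (added example)."""
import struct

MAX_AUTH_SYS_GIDS = 16  # RFC 5531, authsys_parms: "unsigned int gids<16>"


def _xdr_uint(v: int) -> bytes:
    return struct.pack(">I", v)


def _xdr_string(s: str) -> bytes:
    raw = s.encode()
    return _xdr_uint(len(raw)) + raw + b"\0" * ((-len(raw)) % 4)


def encode_auth_sys(stamp, machinename, uid, gid, gids):
    """XDR-encode an authsys_parms body. Refuses more than 16 supplementary
    gids so the truncation decision stays explicit at the caller."""
    if len(gids) > MAX_AUTH_SYS_GIDS:
        raise ValueError("AUTH_SYS carries at most 16 supplementary gids")
    return (_xdr_uint(stamp) + _xdr_string(machinename) + _xdr_uint(uid)
            + _xdr_uint(gid) + _xdr_uint(len(gids))
            + b"".join(_xdr_uint(g) for g in gids))


def decode_auth_sys(body):
    """Inverse of encode_auth_sys; returns (stamp, machinename, uid, gid, gids)."""
    off = 0

    def u32():
        nonlocal off
        (v,) = struct.unpack_from(">I", body, off)
        off += 4
        return v

    stamp = u32()
    n = u32()
    machinename = body[off:off + n].decode()
    off += n + ((-n) % 4)  # skip XDR padding to a 4-byte boundary
    uid, gid, count = u32(), u32(), u32()
    if count > MAX_AUTH_SYS_GIDS:
        raise ValueError("malformed AUTH_SYS credential: more than 16 gids")
    gids = [u32() for _ in range(count)]
    return stamp, machinename, uid, gid, gids


def client_truncate(gids):
    """What a client with more than 16 groups does: keep the first 16 in
    whatever order its getgroups() returned them. Two clients with different
    orders send different subsets, which is the non-determinism discussed."""
    return list(gids[:MAX_AUTH_SYS_GIDS])


def server_groups_for_uid(uid, passwd, group):
    """Server-side resolution as suggested in the mail: ignore the client's
    gid list and compute the full membership of the asserted uid from the
    server's own database. passwd: uid -> (name, primary gid);
    group: gid -> set of member names. Assumes the server's name service
    view matches the one the user's groups were defined in."""
    name, primary = passwd[uid]
    return sorted({primary} | {g for g, members in group.items() if name in members})


# Constructed sample database (not from any real system): alice has primary
# gid 100 and 20 supplementary groups 2000..2019.
PASSWD = {1001: ("alice", 100)}
GROUP = {100: {"alice"}, **{2000 + i: {"alice"} for i in range(20)}}
ALICE_GIDS = list(range(2000, 2020))


def demo():
    """Returns (client_subsets_differ, server_resolved_gids)."""
    # Client A enumerates alice's groups in file order, client B (say a
    # different nsswitch source) in reverse order; both truncate to 16.
    sent_by_a = client_truncate(ALICE_GIDS)
    sent_by_b = client_truncate(list(reversed(ALICE_GIDS)))
    cred_a = decode_auth_sys(encode_auth_sys(1, "hostA", 1001, 100, sent_by_a))
    cred_b = decode_auth_sys(encode_auth_sys(1, "hostB", 1001, 100, sent_by_b))
    # Same user, same server, different effective group set: a DENY ACE or a
    # group-granted permission applies on one client and not the other.
    differs = set(cred_a[4]) != set(cred_b[4])
    # With server-side lookup the result depends only on the asserted uid.
    resolved = server_groups_for_uid(cred_a[2], PASSWD, GROUP)
    return differs, resolved


if __name__ == "__main__":
    d, r = demo()
    print("client subsets differ:", d)
    print("server-resolved gids:", r)
```

The point of `demo()` is the contrast: the two truncated credentials carry gids 2000..2015 and 2004..2019 respectively, so which ACEs match depends on which client the user logged in from, while `server_groups_for_uid()` yields the same 21 gids regardless of what the client sent.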