CVSROOT: /cvs
Module name: src
Changes by: [email protected] 2024/11/04 14:59:15
Modified files:
lib/libc/gen : initgroups.c
sbin/mountd : mountd.c
usr.bin/id : id.c
usr.bin/ssh : groupaccess.c
usr.sbin/authpf: authpf.c
Log message:
Ignore extra groups that don't fit in the buffer passed to getgrouplist(3)
Our kernel supports 16 groups (NGROUPS_MAX), but nothing prevents
an admin from adding a user to more groups. With that tweak we'll keep
on ignoring them instead of potentially reading past the buffer passed to
getgrouplist(3). That behavior is explicitely described in initgroups(3).
ok millert@ gilles@
