On Tue, Dec 13, 2011 at 02:19:30PM +0000, Emmanuel Dreyfus wrote: > A third way was suggested on the fuse-devel mailing list: adding a > system call to retreive a process' secondary groups. The prototype > would be moddled on getgroups(2): > > int getgroups2(int gidsetlen, gid_t *gidset, pid_t pid); > > Il this is preferred, it could also be named getgroupspid(2)
Ugh. I don't like it. The credentials for an operation should be passed along with the operation, not fetched through a side channel. Even if the operation is completely synchronous, using a side channel like this is at best bodgy. If it's not completely synchronous, it's doomed to fail horribly. This interface would also make it permanently impossible to run fuse servers with reduced privilege. I would argue that if what you need is a hack, fuse itself was never meant to be fast and so sysctl is an adequate method; if you want to do it right, extend the protocol correctly. (And in any event, it should be "int getpidgroups(pid_t pid, int gidsetlen, gid_t *gidset)".) -- David A. Holland dholl...@netbsd.org