From owner-cvs-sys Mon Mar 31 05:54:01 1997 Return-Path: Received: (from root@localhost) by freefall.freebsd.org (8.8.5/8.8.5) id FAA18611 for cvs-sys-outgoing; Mon, 31 Mar 1997 05:54:01 -0800 (PST) Received: from root.com (implode.root.com [198.145.90.17]) by freefall.freebsd.org (8.8.5/8.8.5) with ESMTP id FAA18593; Mon, 31 Mar 1997 05:53:21 -0800 (PST) Received: from localhost (localhost [127.0.0.1]) by root.com (8.8.5/8.6.5) with SMTP id FAA09559; Mon, 31 Mar 1997 05:54:54 -0800 (PST) Message-Id: <199703311354.FAA09559@root.com> X-Authentication-Warning: implode.root.com: localhost [127.0.0.1] didn't use HELO protocol To: Peter Wemm cc: CVS-committers@freefall.freebsd.org, cvs-all@freefall.freebsd.org, cvs-sys@freefall.freebsd.org Subject: Re: cvs commit: src/sys/kern kern_prot.c In-reply-to: Your message of "Mon, 31 Mar 1997 05:21:39 PST." <199703311321.FAA17115@freefall.freebsd.org> From: David Greenman Reply-To: dg@root.com Date: Mon, 31 Mar 1997 05:54:54 -0800 Sender: owner-cvs-sys@FreeBSD.ORG X-Loop: FreeBSD.org Precedence: bulk >peter 97/03/31 05:21:39 > > Modified: sys/kern kern_prot.c > Log: > Make setgroups(0, xxx) behave as it does on SYSV, namely clear the groups > vector except for the egid in groups[0]. There is a risk that programs > that come from SYSV/Linux that expect this to work and don't check for > error returns may accidently pass root's groups on to child processes. > > We now do what is least suprising (to non BSD programs/programmers) in > this scenario, and nothing is changed for programs written with BSD groups > rules in mind. I changed it to the way it was to avoid a panic in the NFS code (which can't deal with a no-groups situation). Did you revert this fix, or does this do something different so as to avoid the NFS panic? -DG David Greenman Core-team/Principal Architect, The FreeBSD Project