[PATCH 1/4] Make sure groups[0] is the effective gid on FreeBSD.

Jeremy Allison jra at samba.org
Fri Jun 8 04:39:39 GMT 2007


On Thu, Jun 07, 2007 at 09:31:25PM -0700, Jeremy Allison wrote:
> 
> I want to see the *BSD brokenness split out as
> far as possible as a sepeate set of #ifdefs
> from the working code so I can see *exactly*
> what you're doing here.

Sorry, I should be clearer here about what I'm
objecting to.

What I'd like to see is a parallel implementation
of the functions you want to change in the security
context code, that only work for *BSD.

Then I can see *exactly* what the difference is
between what we have now, and what you've changed
for the *BSD bugs.

Once I've run this through a debugger on Linux
and other non-*BSD systems, and compared the
process security contexts with both the old and
your new code, then I'll consider moving over
to the new implementation.

One of the security bugs we recently fixed
with 3.0.25 was related to an unwise change in
this area, as you know, so I'm *very* *very*
sensitive about this right now.

Jeremy.


More information about the samba-technical mailing list