[PATCH 1/4] Make sure groups[0] is the effective gid on FreeBSD.
Jeremy Allison
jra at samba.org
Fri Jun 8 04:49:22 GMT 2007
On Thu, Jun 07, 2007 at 09:39:39PM -0700, Jeremy Allison wrote:
>
> What I'd like to see is a parallel implementation
> of the functions you want to change in the security
> context code, that only work for *BSD.
One more thing (sorry for going on about this but
I'm really paranoid about this :-).
I dislike the way you've added the new
apply_unix_token() call - I feel this is
the wrong way to do things.
What I'd like to see is a *BSD specific
version of sys_setgroups() that re-arranges
the groups as *BSD requires. I'm not
averse to changing the function interface
from it's current :
int sys_setgroups(int setlen, gid_t *gidset);
to be :
int sys_setgroups(gid_t primary_gid, int setlen, gid_t *gidset);
as I think on *BSD you need to know the primary gid
for setgroups to work correctly.
But I don't think you need to be changing
code in smbd/sec_ctx.c *AT ALL* for this.
Jeremy.
More information about the samba-technical
mailing list