[PATCH 1/4] Make sure groups[0] is the effective gid on FreeBSD.
James Peach
jpeach at samba.org
Fri Jun 8 18:12:39 GMT 2007
On Jun 8, 2007, at 9:48 AM, Jeremy Allison wrote:
> On Fri, Jun 08, 2007 at 09:01:44AM -0700, James Peach wrote:
>>
>> There's 2 related issues in this patch set. The first is the BSD-
>> style
>> changes for setgroups, the second is the Darwin-specific changes to
>> the order of credential operations.
>
> If it's Darwin specific then I want it split into a Darwin-specific
> change.
>
>> The current code intertwines these two parts in two places,
>> set_sec_ctx() and pop_sec_ctx(). I felt that splitting the credential
>> switch into a separate function made this a lot clearer. There is
>> exactly one place where the credential is switched and the credential
>> switching code is not mixed with the security context stack
>> management
>> code. The result is credential switching code that is easier to read,
>> audit and log.
>
> Sez you. The existing code works, and works well on all
> but one class of broken systems (*BSD).
>
> Please do not modify existing working code, just fix
> the specific problem. Don't get creative here.
>
>> Yep, I have a tree with a similar patch, but the Darwin initgroups
>> wrapper needs to be passed the UID you are switching to.
>> Additionally,
>> for Darwin the order of operations in the credential switch is
>> important. This means that I can't hide all of this behind
>> sys_setgroups().
>
> That's a Darwin bug (IMHO). Their credentials system is now
> non-POSIX and now non-standard.
>
> When are they planning to fix that ?
>
>> I would be very happy to split apply_unix_token into a separate
>> Darwin
>> implementation, if you would prefer that better. Perhaps it is poorly
>> named, maybe it should be:
>>
>> BOOL switch_to_credential(const UNIX_USER_TOKEN *ut)
>
> No, I want the change I asked for - a modified
> sys_setgroups that works for *BSD
OK, I'll do that for SAMBA_3_0 only (at least for now).
> If Darwin is broken after that, then let's push for
> them to fix their code.
There is no possibility of that.
--
James Peach | jpeach at samba.org
More information about the samba-technical
mailing list