netbsd-users: Re: HELP: su: setting user context: Invalid argument

Subject: Re: HELP: su: setting user context: Invalid argument
To: Eric Fox <eric@fox.phoenix.az.us>
From: David Laight <david@l8s.co.uk>
List: netbsd-users
Date: 11/23/2002 16:06:45

> > 	su: initgroups(root,0): Invalid argument
> 
> Interestingly the man page for initgroups says:
>     If the groups database lists more than NGROUPS groups for name
>     (including one for basegid), the later groups are ignored.
> 
> The code doesn't do this!

found - and it is a rather nasty problem if the kernel's
NGROUPS doesn't match that of libc (esp. gen/initgroups.c).
If the kernel supports more groups, then random group numbers
can be set!

The fix (to make later groups be ignored) is:

Index: initgroups.c
===================================================================
RCS file: /cvsroot/basesrc/lib/libc/gen/initgroups.c,v
retrieving revision 1.19
diff -u -r1.19 initgroups.c
--- initgroups.c	2000/01/22 22:19:11	1.19
+++ initgroups.c	2002/11/23 16:01:08
@@ -64,7 +64,8 @@
 	_DIAGASSERT(uname != NULL);
 
 	ngroups = NGROUPS;
-	getgrouplist(uname, agroup, groups, &ngroups);
+	if (getgrouplist(uname, agroup, groups, &ngroups) == -1)
+		ngroups = NGROUPS;
 	if (setgroups(ngroups, groups) < 0)
 		return (-1);
 	return (0);


	David

-- 
David Laight: david@l8s.co.uk