Subject: Re: crcmp(), once again
To: YAMAMOTO Takashi <email@example.com>
From: Roland Illig <rillig@NetBSD.org>
Date: 11/17/2005 23:40:54
YAMAMOTO Takashi wrote:
>> - It is unclear why it is necessary at all.
> why unclear, while you know where it's used?
Because I don't know why the whole set of credentials needs to be
compared. Until now, no one has answered this question.
>> - It is the only reason for sorting group lists
>> when they enter the kernel via setgroups(),
>> which itself is considered unwanted.
> i don't think the result of setgroups is fed into crcmp.
> the change didn't fix anything and should be backed out, IMO.
See the ChangeLog for src/sys/kern/kern_prot.c.
>> - It has a big FIXME comment.
> i don't see why it needs to be fixed.
> credentials with the different order of groups are different.
Please explain why the order of groups is important. I don't see it.