Subject: Re: crcmp(), once again
To: YAMAMOTO Takashi <>
From: Roland Illig <>
List: tech-kern
Date: 11/17/2005 23:40:54
YAMAMOTO Takashi wrote:
>>   - It is unclear why it is necessary at all.
> why unclear, while you know where it's used?

Because I don't know why the whole set of credentials needs to be 
compared. Until now, no one has answered this question.

>>   - It is the only reason for sorting group lists
>>     when they enter the kernel via setgroups(),
>>     which itself is considered unwanted.
> i don't think the result of setgroups is fed into crcmp.
> the change didn't fix anything and should be backed out, IMO.

See the ChangeLog for src/sys/kern/kern_prot.c.

>>   - It has a big FIXME comment.
>>     src/sys/kern/kern_prot.c
> i don't see why it needs to be fixed.
> credentials with the different order of groups are different.

Please explain why the order of groups is important. I don't see it.