Subject: Re: CVS commit: [elad-kernelauth] src/sys/kern
To: Jason Thorpe <email@example.com>
From: Elad Efrat <elad@NetBSD.org>
Date: 03/13/2006 11:15:22
Jason Thorpe wrote:
> That's not quite the way it works.
> The group list in the kauth_cred_t is consulted first. If there is a
> hit there, then owner of that credential is treated as a member of that
> group. This is how the traditional BSD group list works in OS X.
> The kauth_cred_t also has a "group membership check UID". If that
> value is NOT set, then no consultation of the external group membership
> resolver is performed.
Ah -- I understood it the other way round.
Either way, what's your call in the subject? I'm going to do the cleanup
I mentioned yesterday in that code, should I also remove the sort? (note
der Mouse mentions the ngroups max can be trimmed by a mount, in which
case it might be desired to revert back to original behavior)...