Re: [RFC] getgroups2 system call

To: Emmanuel Dreyfus <manu%netbsd.org@localhost>
Subject: Re: [RFC] getgroups2 system call
From: Thor Lancelot Simon <tls%panix.com@localhost>
Date: Tue, 13 Dec 2011 23:59:02 -0500

On Wed, Dec 14, 2011 at 06:05:53AM +0100, Emmanuel Dreyfus wrote:
> 
> At this point, I think I will fetch secondary groups through sysctl,
> this seems to be the point of least resistance.

You are not worried about security issues resulting from the fact
that time will pass, and the process may do other operations which
modify its credentials, before the operation completes?

This seems like a very dangerous idea for a filesystem.

-- 
Thor Lancelot Simon                                    tls%panix.com@localhost
  "All of my opinions are consistent, but I cannot present them all
   at once."    -Jean-Jacques Rousseau, On The Social Contract

Follow-Ups:
- Re: [RFC] getgroups2 system call
  - From: Emmanuel Dreyfus

References:
- Re: [RFC] getgroups2 system call
  - From: Christos Zoulas
- Re: [RFC] getgroups2 system call
  - From: Emmanuel Dreyfus

Prev by Date: Re: [RFC] getgroups2 system call
Next by Date: Re: [RFC] getgroups2 system call
Previous by Thread: Re: [RFC] getgroups2 system call
Next by Thread: Re: [RFC] getgroups2 system call
Indexes:

Home | Main Index | Thread Index | Old Index