Re: [RFC] getgroups2 system call

To: Michael van Elst <mlelstv%serpens.de@localhost>
Subject: Re: [RFC] getgroups2 system call
From: Eric Haszlakiewicz <erh%nimenees.com@localhost>
Date: Wed, 14 Dec 2011 15:22:19 -0600

On Wed, Dec 14, 2011 at 07:57:43AM +0000, Michael van Elst wrote:
> mm_lists%pulsar-zone.net@localhost (Matthew Mondor) writes:
> 
> >What does NFS do in this case?  I seem to remember that it also imposes
> >a sane size limit, possibly even below NGROUPS_MAX, is it really the
> >case?  If so, would this also be acceptable?
> 
> NFS (or rather the underlying SunRPC) passes an array of 16 gids, which is
> a common problem when you try to use groups for fine grained access control.

Based on what I've read, it's only NFSv3 that works like that.  With
NFSv4 the access control can be based on what groups the server thinks the
user is in, so there are no group ids being passed.

eric

Follow-Ups:
- Re: [RFC] getgroups2 system call
  - From: Michael van Elst

References:
- Re: [RFC] getgroups2 system call
  - From: Thor Lancelot Simon
- Re: [RFC] getgroups2 system call
  - From: Emmanuel Dreyfus
- Re: [RFC] getgroups2 system call
  - From: Matthew Mondor
- Re: [RFC] getgroups2 system call
  - From: Michael van Elst

Prev by Date: Re: [RFC] getgroups2 system call
Next by Date: Re: ehci1: missed microframe, TT reset not implemented, hub might be inoperational
Previous by Thread: Re: [RFC] getgroups2 system call
Next by Thread: Re: [RFC] getgroups2 system call
Indexes:

Home | Main Index | Thread Index | Old Index