netbsd-bugs: re: kern/4217: the kernel's handling of group permissions is suboptimal

Subject: re: kern/4217: the kernel's handling of group permissions is suboptimal
To: None <gnats-bugs@gnats.netbsd.org>
From: David Laight <david@l8s.co.uk>
List: netbsd-bugs
Date: 08/10/2003 09:37:14

1) Posix takes the stance:
    The related function setgroups() is a privileged operation and
    therefore is not covered by this volume of IEEE Std 1003.1-2001.
   which is rather a copout and not helpful at all!

2/3/4) Posix requires the current behaviour.
   Although I agree that being able to call setgid() with any of the
   supplemantary groups could be useful - although of limited use
   given that netbsd doesn't use the actual group for very much.

Perhaps the documentation of setgroups should be changed?
Or maybe we should let a non-priveleged user re-order the list?

	David

-- 
David Laight: david@l8s.co.uk