[Stripping CC somewhat]

# Elad Efrat 2007-06-23:
> while the changes to get/setgroups syscall internals and compat calls
> will not change the user experience in any way, breaking kauth's opacity
> have direct and immediate implications in the form of not allowing much
> flexibility when implementing new security models that expand beyond
> what is currently allowed by bsd44.

Could you provide some specific examples of what was possible before
but will be impossible because of David's change?

> additionally, it is well worth pointing out that the benefit you
> introduced is orthogonal to breaking the interface's opacity, and could
> have been introduced either way.

I don't quite see how opacity gets harmed -- the group list was a flat
array before and it's still a flat array now...

	-- Jachym, just being curious.