Subject: hesiod group lookup out of synch with reality
To: None <tech-net@netbsd.org>
From: Bill Sommerfeld <sommerfeld@orchard.arlington.ma.us>
List: tech-net
Date: 07/02/2000 19:28:53
I'm working on clearing out the security-officer gnats backlog.

Anyone who cares about hesiod might want to take a look at lib/9467

pr 9467 was assigned to "security" class by the submitter, but it's
really a "lib" bug.  see PR lib/9467 (formerly security/9467).

There are two flavors of hesiod out there -- one as done by
MIT/Project Athena, and one as mangled by DEC in Ultrix.  They
disagree in exactly how uid/gid information is encoded in the
namespace.

Ultrix hesiod just embeds both forward and reverse information in the
group map, while the original MIT scheme has forward information in
the "group" map and reverse information in the "gid" map.

The same is the case for uid lookups, but this was fixed; however,
whoever fixed it didn't also fix the groups case.

					- Bill