David Laight said:

>But all modern SYSV implementations support groups the same way
>netbsd (and solaris) do.  The only thing newgrp does is to
>change the grouop that files are created with.

It also changes file access by a user. A user must do a newgrp to read
a file whose group is not his effective gid. The same goes for running
binaries.

>OTOH it might be useful to remove the kernel limit on the number
>of groups a process can be in.

Someone out there was porting the FreeBSD ufs filesystem that supports
ACLs to NetBSD. So there is the question of how ACL, newgrp, chown,
chmod, and chgrp will all play against each other.

>(Also why is root always explicitly listed in somany groups?
>Traditional root privileges mean it doesn't need to be in any
>groups - putting root in many groups just makes daemons that call
>setuid and setgid but not setgroups leave their children
>with additional privileges.)

This seems to be true of Solaris, NetBSD, System 3, and 4.4BSD-Lite2,
but SunOS 4.1.1 seems to do the right thing.

>Shouldn't the setgroups(2) and setuid(2) mann pages cross
>refer to each other?

Yes.

-- 
Rick Kelly  rmk@rmkhome.com  www.rmkhome.com