Hi! Recently several FreeBSD samba users reported a scary problem with samba (http://bugzilla.samba.org/?id=3990). Further research in cooperation with Timur Bakeyev (timur) showed that we have a little problem with the setegid implementation. In FreeBSD (and even in 4.4BSD-Lite2) the egid of the process is merely groups[0], so by calling the seteuid function we simply overwrite the first of the supplementary groups. However, POSIX says that neither the rgid nor any of the supplementary groups should be rewritten by a setegid call.
There are some comments about optimizations which caused such a scary implementation, but I can't get what these optimizations are. Our first cvs revision of kern_prot.c already contains a similar implementation with egid being effectively groups[0]. Perhaps some of the old-school committers remember the initial intention behind making egid equal to groups[0]? Or perhaps I have missed something? Thanks a lot!

--
Stanislav Sedov
ST4096-RIPE
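As an added illustration (not code from this thread or from the FreeBSD source), here is a small C probe for exactly the behaviour described above: it snapshots the supplementary group list, calls setegid(), restores the original egid, and reports whether the list changed, which is what a POSIX-conformant setegid() must never do. The function name and its return convention are my own.

```c
#include <errno.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/types.h>
#include <unistd.h>

/* Returns 1 if the supplementary group list changed across setegid(target),
 * 0 if it was preserved, -1 if a syscall failed (errno is set).  The original
 * effective gid is always restored before returning. */
int setegid_clobbers_groups(gid_t target)
{
    gid_t old_egid = getegid();
    int n = getgroups(0, NULL);          /* number of supplementary groups */
    if (n < 0)
        return -1;
    /* One spare slot so a list that grew is reported as a change rather
     * than hidden behind EINVAL. */
    gid_t *before = calloc((size_t)n + 1, sizeof *before);
    gid_t *after = calloc((size_t)n + 1, sizeof *after);
    int result = -1;
    if (before != NULL && after != NULL && getgroups(n + 1, before) == n
        && setegid(target) == 0) {
        int m = getgroups(n + 1, after);
        int saved_errno = errno;
        (void)setegid(old_egid);         /* put the credentials back */
        if (m >= 0)
            result = (m != n
                      || memcmp(before, after, (size_t)n * sizeof *before) != 0);
        else
            errno = saved_errno;
    }
    free(before);
    free(after);
    return result;
}

int main(void)
{
    /* POSIX always permits setegid() to the real gid, so the probe needs
     * no privilege; a kernel that aliases egid to groups[0] will show a
     * changed list whenever the real gid differs from groups[0]. */
    int r = setegid_clobbers_groups(getgid());
    if (r < 0) {
        perror("probe failed");
        return 2;
    }
    printf("setegid(%lu) %s the supplementary group list\n",
           (unsigned long)getgid(), r ? "CLOBBERED" : "preserved");
    return r;
}
```

Run it as the samba service user and as root; a non-zero exit status on a kernel with the aliasing described above is the bug reproduced without samba in the picture.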