savannah-hackers
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Savannah-hackers] snapshots

From: Gord Eagle
Subject: Re: [Savannah-hackers] snapshots
Date: 18 Apr 2002 16:23:01 -0600
User-agent: Gnus/5.0808 (Gnus v5.8.8) Emacs/20.7 
Loic Dachary <address@hidden> writes:

>  > One other comment: the replacement "setgroups" patch in the Savannah
>  > manual looks bogus.  Why don't you just use the glibc syscall function?
> 
>       There are (were ?) reasons for this. When Gordon initialy
> investigated this issue and figured out how to fix it, he submitted
> modifications to the glibc that were discarded (can't remember why). A
> year passed since I last checked that the problem was still here (hard
> coded limitation), it's probably worth investigating again. The
> setgroup hack is a *pain* to maintain.

I can easily claim to have forgotten the details of what was done.

Mostly, I remember that the alternative solutions were less portable
and/or harder to maintain than the hack I suggested... short of
completely discarding the many-groups configuration of the server, and
relying on CVS security (as other sites do).

The modifications were discarded, I think, because nobody else thought
it was important to pick up the limits of the running kernel instead
of the kernel glibc was compiled against.

I dunno... at the time I sure thought my solution was the best
possible, and was mildly dismayed at the fact people didn't want it in
glibc.  But that's life, and I've moved on. ;)

-- 
Gord Eagle <address@hidden> /\//\ I'm a FIG (http://fig.org/)
   Committed to diversity \//\/ I use GNU (http://fig.org/gnu/)
reply via email to
[Prev in Thread] Current Thread [Next in Thread]