cvs commit: src/usr.sbin/rpc.lockd kern.c

John-Mark Gurney gurney_j at
Thu Nov 17 18:11:58 GMT 2005

Hartmut Brandt wrote this message on Thu, Nov 17, 2005 at 12:19 +0000:
> harti       2005-11-17 12:19:19 UTC
>   FreeBSD src repository
>   Modified files:
>     usr.sbin/rpc.lockd   kern.c 
>   Log:
>   When a user is in more than 16 groups the call to authunix_create() will
>   result in abort() beeing called. This is because there is a limit of
>   the number of groups in the RPC which is 16. When the actual number of
>   groups is too large it results in xdr_array() returning an error which,
>   in turn, authunix_create() handles by just calling abort().
>   Fix this by passing only the first 16 groups to authunix_create().

Can't this cause problems with files that have a mode of 0604?  Since
normally the user would be unable to read it, but if the group gets
dropped, then he is now able to access or lock the file?  I don't know
what the groups are used, but silently dropping groups sounds bad to

  John-Mark Gurney				Voice: +1 415 225 5579

     "All that I will do, has been done, All that I have, has not."

More information about the cvs-src mailing list