From owner-freebsd-standards@freebsd.org Wed Oct 4 06:54:27 2017 Return-Path: Delivered-To: freebsd-standards@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 11EBDE30569 for ; Wed, 4 Oct 2017 06:54:27 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org (kenobi.freebsd.org [IPv6:2001:1900:2254:206a::16:76]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 00885743B9 for ; Wed, 4 Oct 2017 06:54:27 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from bugs.freebsd.org ([127.0.1.118]) by kenobi.freebsd.org (8.15.2/8.15.2) with ESMTP id v946sQDC061750 for ; Wed, 4 Oct 2017 06:54:26 GMT (envelope-from bugzilla-noreply@freebsd.org) From: bugzilla-noreply@freebsd.org To: freebsd-standards@FreeBSD.org Subject: [Bug 220779] getgroups result is affected by setegid Date: Wed, 04 Oct 2017 06:54:26 +0000 X-Bugzilla-Reason: AssignedTo X-Bugzilla-Type: changed X-Bugzilla-Watch-Reason: None X-Bugzilla-Product: Base System X-Bugzilla-Component: standards X-Bugzilla-Version: CURRENT X-Bugzilla-Keywords: X-Bugzilla-Severity: Affects Some People X-Bugzilla-Who: kib@FreeBSD.org X-Bugzilla-Status: New X-Bugzilla-Resolution: X-Bugzilla-Priority: --- X-Bugzilla-Assigned-To: freebsd-standards@FreeBSD.org X-Bugzilla-Flags: X-Bugzilla-Changed-Fields: cc Message-ID: In-Reply-To: References: Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Bugzilla-URL: https://bugs.freebsd.org/bugzilla/ Auto-Submitted: auto-generated MIME-Version: 1.0 X-BeenThere: freebsd-standards@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: Standards compliance List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 04 Oct 2017 06:54:27 -0000 https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D220779 Konstantin Belousov changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |brooks@FreeBSD.org, | |kib@FreeBSD.org --- Comment #3 from Konstantin Belousov --- The SUSv4TC2 is quite explicit about it. It allows either behavior, even accepting changing behavior on the same system: As implied by the definition of supplementary groups, the effective group ID may appear in the array returned by getgroups() or it may be returned only by getegid( ). Duplication may exist, but the application needs to call getegid( ) to be sure of getting all of the information. Various implementation variations and administrative sequences cause the set of groups appearing in the result of getgroups( ) to vary in order and as to whether the effective group ID is included, even when the set of groups is the same (in the mathematical sense of ``set''). (The history of a process and its parents could affect the details of the result.) So as far as no group ids are dropped by an operation, it is fine to have egid to not appear in the secondary group list, or to appear after further changes. Can you demonstrate a case where we loose a group from the list ? --=20 You are receiving this mail because: You are the assignee for the bug.= From owner-freebsd-standards@freebsd.org Wed Oct 4 10:52:32 2017 Return-Path: Delivered-To: freebsd-standards@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 9DC13E35A28 for ; Wed, 4 Oct 2017 10:52:32 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org (kenobi.freebsd.org [IPv6:2001:1900:2254:206a::16:76]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 8C45F8026D for ; Wed, 4 Oct 2017 10:52:32 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from bugs.freebsd.org ([127.0.1.118]) by kenobi.freebsd.org (8.15.2/8.15.2) with ESMTP id v94AqWqI092057 for ; Wed, 4 Oct 2017 10:52:32 GMT (envelope-from bugzilla-noreply@freebsd.org) From: bugzilla-noreply@freebsd.org To: freebsd-standards@FreeBSD.org Subject: [Bug 220779] getgroups result is affected by setegid Date: Wed, 04 Oct 2017 10:52:32 +0000 X-Bugzilla-Reason: AssignedTo X-Bugzilla-Type: changed X-Bugzilla-Watch-Reason: None X-Bugzilla-Product: Base System X-Bugzilla-Component: standards X-Bugzilla-Version: CURRENT X-Bugzilla-Keywords: X-Bugzilla-Severity: Affects Some People X-Bugzilla-Who: muh.muhten@gmail.com X-Bugzilla-Status: New X-Bugzilla-Resolution: X-Bugzilla-Priority: --- X-Bugzilla-Assigned-To: freebsd-standards@FreeBSD.org X-Bugzilla-Flags: X-Bugzilla-Changed-Fields: Message-ID: In-Reply-To: References: Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Bugzilla-URL: https://bugs.freebsd.org/bugzilla/ Auto-Submitted: auto-generated MIME-Version: 1.0 X-BeenThere: freebsd-standards@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: Standards compliance List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 04 Oct 2017 10:52:32 -0000 https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D220779 --- Comment #4 from Michael Zuo --- The supplementary group list contains the egid. If we set the supplementary group list with setgroups, then change the egid with setegid, the previous egid is lost from the list of supplementary grou= ps. --=20 You are receiving this mail because: You are the assignee for the bug.= From owner-freebsd-standards@freebsd.org Wed Oct 4 20:33:16 2017 Return-Path: Delivered-To: freebsd-standards@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id E90BAE420C4 for ; Wed, 4 Oct 2017 20:33:16 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org (kenobi.freebsd.org [IPv6:2001:1900:2254:206a::16:76]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id D6CF1707D2 for ; Wed, 4 Oct 2017 20:33:16 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from bugs.freebsd.org ([127.0.1.118]) by kenobi.freebsd.org (8.15.2/8.15.2) with ESMTP id v94KXGdl010583 for ; Wed, 4 Oct 2017 20:33:16 GMT (envelope-from bugzilla-noreply@freebsd.org) From: bugzilla-noreply@freebsd.org To: freebsd-standards@FreeBSD.org Subject: [Bug 220779] getgroups result is affected by setegid Date: Wed, 04 Oct 2017 20:33:16 +0000 X-Bugzilla-Reason: AssignedTo X-Bugzilla-Type: changed X-Bugzilla-Watch-Reason: None X-Bugzilla-Product: Base System X-Bugzilla-Component: standards X-Bugzilla-Version: CURRENT X-Bugzilla-Keywords: X-Bugzilla-Severity: Affects Some People X-Bugzilla-Who: paulm@tetrardus.net X-Bugzilla-Status: New X-Bugzilla-Resolution: X-Bugzilla-Priority: --- X-Bugzilla-Assigned-To: freebsd-standards@FreeBSD.org X-Bugzilla-Flags: X-Bugzilla-Changed-Fields: cc Message-ID: In-Reply-To: References: Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Bugzilla-URL: https://bugs.freebsd.org/bugzilla/ Auto-Submitted: auto-generated MIME-Version: 1.0 X-BeenThere: freebsd-standards@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: Standards compliance List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 04 Oct 2017 20:33:17 -0000 https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D220779 paulm changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |paulm@tetrardus.net --- Comment #5 from paulm --- The effective GID is stored in cr_groups[0] in the ucred struct. kern_setgroups() writes to cr_groups[0] in the ucred struct. Therefore, the syscall setgroups(int ngroups, const gid_t *gidset) overwrit= es the effective GID at cr_groups[0] with the first GID in *gidset. (Because setgroups() writes to cr_groups[0], a subsequent call to setegid() will overwrite the supplementary GID at that location. I think this is the symptom Michael Zuo is calling attention to.)=20=20=20=20=20=20 Unless I'm confused about something, the implementation of setgroups() shou= ld write the supplementary group list starting at an offset of +1 in the cr_gr= oups array in struct ucred in order to preserve the effective GID at cr_groups[0= ]. --=20 You are receiving this mail because: You are the assignee for the bug.=