Date: Tue, 6 Jan 2004 23:25:48 +0100 From: Nicolas Rachinsky <list@rachinsky.de> To: Adil Katchi <AdilK@sandvine.com> Cc: freebsd-hackers@freebsd.org Subject: Re: switching between groups Message-ID: <20040106222548.GA22917@pc5.i.0x5.de> In-Reply-To: <FE045D4D9F7AED4CBFF1B3B813C85337029120C2@mail.sandvine.com> References: <FE045D4D9F7AED4CBFF1B3B813C85337029120C2@mail.sandvine.com>
next in thread | previous in thread | raw e-mail | index | archive | help
* Adil Katchi <AdilK@sandvine.com> [2004-01-06 17:01 -0500]: > I don't follow, what do you mean? A file with mode rw----r-- owned by root:group1 could be read by anyone who is not in group1. Nicolas Confusing quote: > -----Original Message----- > From: Nicolas Rachinsky [mailto:list@rachinsky.de] > Sent: Tuesday, January 06, 2004 4:44 PM > To: 'freebsd-hackers@freebsd.org' > Cc: Adil Katchi > Subject: Re: switching between groups > > > * Bruce M Simpson <bms@spc.org> [2004-01-06 18:11 +0000]: > > On Tue, Jan 06, 2004 at 11:14:06AM -0500, Adil Katchi wrote: > > > I was just wondering if anyone has any ideas how it's possible for a > user > > > that belongs to multiple groups to somehow limit his or her own > capabilities > > > by using only one of the n groups that they belong to and be able to > switch > > > between these groups? For example, if userA belongs to groupA, groupB > and > > > groupC, can userA enter a mode that would force it to only belong to > groupA > > > (or groupB, or groupC)? UserA whould be able to switch between these > groups > > > and back to normal (ie. belong to all groups). > > > > newgrp(1) could be hacked to do this fairly easily. Currently it preserves > > supplemental group memberships. An option to discard supplementals could > > be added. > > But you shouldn't forget, you can deny access to a specific group now. > This won't work any longer, when users can leave groups at will. > > Nicolas >
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20040106222548.GA22917>