Date: Tue, 26 Aug 2025 13:50:34 GMT
From: Lorenzo Salvadore <salvadore@FreeBSD.org>
To: doc-committers@FreeBSD.org, dev-commits-doc-all@FreeBSD.org
Subject: git: 387f30ecec - main - Status/2025Q2/groupe-changes.adoc: Add report
Message-ID: <202508261350.57QDoYjS092157@gitrepo.freebsd.org>
The branch main has been updated by salvadore: URL: https://cgit.FreeBSD.org/doc/commit/?id=387f30ecec1fa147d9cf41bd1facbc4c369da472 commit 387f30ecec1fa147d9cf41bd1facbc4c369da472 Author: Kyle Evans <kevans@FreeBSD.org> AuthorDate: 2025-08-19 04:19:41 +0000 Commit: Lorenzo Salvadore <salvadore@FreeBSD.org> CommitDate: 2025-08-26 13:50:00 +0000 Status/2025Q2/groupe-changes.adoc: Add report Pull Request: https://github.com/freebsd/freebsd-doc/pull/539 --- .../report-2025-04-2025-06/group-changes.adoc | 27 ++++++++++++++++++++++ 1 file changed, 27 insertions(+) diff --git a/website/content/en/status/report-2025-04-2025-06/group-changes.adoc b/website/content/en/status/report-2025-04-2025-06/group-changes.adoc new file mode 100644 index 0000000000..01dc8f2a13 --- /dev/null +++ b/website/content/en/status/report-2025-04-2025-06/group-changes.adoc 
@@ -0,0 +1,27 @@ +=== ucred / group changes in FreeBSD 15.0 + +Links: + +link:https://lists.freebsd.org/archives/freebsd-hackers/2025-August/004825.html[freebsd-arch@ discussion] URL: https://lists.freebsd.org/archives/freebsd-hackers/2025-August/004825.html[] + +link:https://cgit.freebsd.org/src/commit/sys/sys/ucred.h?id=be1f7435ef218b1df35aebf3b90dd65ffd8bbe51[Primary kernel change] URL: https://cgit.freebsd.org/src/commit/sys/sys/ucred.h?id=be1f7435ef218b1df35aebf3b90dd65ffd8bbe51[] + +link:https://cgit.freebsd.org/src/commit/sys/kern/kern_prot.c?id=9da2fe96ff2ea227e4d5f03ef92b55aabeabb7fc[Primary userspace change] URL: https://cgit.freebsd.org/src/commit/sys/kern/kern_prot.c?id=9da2fe96ff2ea227e4d5f03ef92b55aabeabb7fc + +Contact: Kyle Evans <kevans@FreeBSD.org> + +Contact: Olivier Certner <olce@FreeBSD.org> + +FreeBSD 15.0 will change how supplementary groups are handled in both userspace and the kernel in FreeBSD 15.0 in a way that warrants additional attention and feedback. + +For some background: FreeBSD has historically tracked the effective group-ID of a process in the man:ucred[9] cr_groups array as the first element, with the rest of the array describing its supplementary groups. +The natural consequence of this decision is that the arrays used in man:setgroups[2] and man:getgroups[2] follow the same format, and man:setgroups[2] has the documented side effect of setting the effective group-ID. +The vast majority of other platforms do not exhibit this behavior anymore, including NetBSD and OpenBSD. +macOS appears to be the only exception found in testing. + +The problem is that the vast majority of software in the FreeBSD Ports Collection comes from other platforms, where man:setgroups[2] and man:setgroups[2] operate purely on the supplementary groups. +This kind of a behavior difference is very subtle and would need to be audited more carefully to be sure that we have not introduced a potential security issue in ported software. 
+ +In FreeBSD 15.0, the primary user-facing change is that man:setgroups[2], man:getgroups[2], and man:initgroups[3] behavior will change to match other platforms, and users are requested to be extra vigilant in areas that may be affected as we proceed through the release cycle. +In general, the expectation is that this change may: + +* Fix some small number of bugs where we would have lost either our expected effective group membership or one of the supplementary groups we should have been in +* (Less likely) Introduce some even smaller number of bugs where something expected man:setgroups[2] to change our effective group membership but now it is just a supplementary group and our effective group-ID is unchanged + +Software included in the base system is largely unaffected or improved by this change, with OpenSSH being a notable example of a link:https://cgit.freebsd.org/src/commit/?id=239e8c98636a7578cc67a6f9d54d14c71b095e36[strange bug] caused by the historical implementation.
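Review bot: In the paragraph beginning "The problem is that", the sentence "man:setgroups[2] and man:setgroups[2] operate purely on the supplementary groups" names the same call twice; the second was presumably meant to be man:getgroups[2], matching the pair named in the background paragraph, and since this is the sentence that tells porters which interfaces to audit it should be exact. The opening sentence of the report also repeats itself ("FreeBSD 15.0 will change ... in both userspace and the kernel in FreeBSD 15.0"); drop the trailing "in FreeBSD 15.0". In the Links block, the first entry is labelled "freebsd-arch@ discussion" but its URL points into the freebsd-hackers archive, the "Primary userspace change" entry points at sys/kern/kern_prot.c, which is a kernel source path, and that entry's "URL:" line lacks the trailing "[]" that the two entries above it carry; please confirm the labels and targets and make the three entries consistent. The commit subject spells the file "groupe-changes.adoc" while the file added is "group-changes.adoc".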
