Skip site navigation (1)Skip section navigation (2) 
Date:      Sat, 7 May 2005 06:35:34 +0300
From:      Giorgos Keramidas <keramida@ceid.upatras.gr>
To:        John Baldwin <jhb@freebsd.org>, Robert Drehmel <robert@freebsd.org>
Cc:        cvs-all@freebsd.org
Subject:   Re: cvs commit: src/usr.bin/id id.c
Message-ID:  <20050507033534.GB25267@gothmog.gr>
In-Reply-To: <200504291011.j3TABIaM036367@repoman.freebsd.org>
References:  <200504281555.j3SFtsYB052286@repoman.freebsd.org> <200504281308.51058.jhb@FreeBSD.org>
next in thread | previous in thread | raw e-mail | index | archive | help 
On 2005-04-28 13:08, John Baldwin <jhb@freebsd.org> wrote:
>On Thursday 28 April 2005 11:55 am, Robert Drehmel wrote:
>>   Modified files:
>>     usr.bin/id           id.c
>>   Log:
>>    - Merge two functions for printing `id' output.
>>      Showing the ids of both an user given by an argument to `id',
>>      and the current user, is now handled in a single function.
>>      Displaying the current user's ids was inaccurate because
>>      getgroups(2) had been used.  getgroups(2) returns the current
>>      kernel state of a user's groups, which may not always be
>>      correct if /etc/group was recently changed.
>
> I thought that was a feature rather than a bug since it shows you your real
> actual credentials.

It is a feature, imho.  Displaying the current credentials may show
different output in two sessions that span a period that includes
changes to /etc/group, but this is the Right Thing(TM).

By showing something different than the current credentials, a user may
be tricked into believing he actually *has* permission to a file when
that is not true for the current session :-(

On 2005-04-29 10:11, Robert Drehmel <robert@freebsd.org> wrote:
>   Add flag to choose whether to use getgrouplist(3) or getgroups(2)
>   to the id_print() function.
>
>   Use getgrouplist(3) for the case when an user was specified,
>   and getgroups(2) when no user was given.
>   That reverts to the expected behaviour and makes it easy to
>   implement an option later to force using getgrouplist(3).
>
>   Revision  Changes    Path
>   1.26      +11 -6     src/usr.bin/id/id.c

Amazing!  Thanks for this :)))

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20050507033534.GB25267>