Date: Tue, 20 Mar 2001 11:30:52 +0100 From: Wolfram Schneider <bsd@panke.de.freebsd.org> To: Brett Glass <brett@lariat.org> Cc: Terry Lambert <tlambert@primenet.com>, Sergey Babkin <babkin@bellatlantic.net>, security@FreeBSD.ORG, Wes Peters <wes@softweyr.com>, Robert Watson <rwatson@FreeBSD.ORG>, fs@FreeBSD.ORG Subject: Re: about common group & user ID space (PR kern/14584) Message-ID: <20010320113052.A1141@paula.panke.de.freebsd.org> In-Reply-To: <4.3.2.7.2.20010318123759.00d9dd10@localhost>; from brett@lariat.org on Sun, Mar 18, 2001 at 12:42:17PM -0700 References: <3AB3FC38.94711FFF@bellatlantic.net> <200103180738.AAA03250@usr05.primenet.com> <4.3.2.7.2.20010318123759.00d9dd10@localhost>
next in thread | previous in thread | raw e-mail | index | archive | help
On 2001-03-18 12:42:17 -0700, Brett Glass wrote: > At the same time, it'd be nice to eliminate the arbitrary limitations > on (a) the number of groups of which a user can be a member and (b) the > number of members in a group. Both of these limitations often bite > administrators who, for example, want most users of a system to be > members of a particular group or want to implement group-based access > control schemes with a moderate degree of granularity. The current length limit for a line in /etc/groups is 256KByte, which should be enough for 65536 users in one group ;-) Please keep in mind that other OS has lower limits, eg. Solaris had a limit of 1024 characters (~200 user per group) and NIS/YP may not work with lines longer 1024 characters. You can increase the limit if you want and recompile your libc. See src/lib/libc/gen/getgrent.c,v for more details. The support for long lines was added in Dec 1996. -Wolfram -- Wolfram Schneider <wosch@freebsd.org> http://wolfram.schneider.org To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20010320113052.A1141>