[OpenAFS-devel] setgroups() fails to change pag under linux 2.6
Garrett Wollman
wollman@csail.mit.edu
Mon, 24 Jul 2006 11:48:22 -0400
<<On Mon, 24 Jul 2006 10:58:39 -0400, Jeffrey Hutzelman <jhutz@cmu.edu> said:
> The 8 bits aren't about indicating that the group encoding is valid;
> they're not even encoded. They're about distinguishing PAGs from UIDs in
> all the _other_ places where they appear.
There's another way to handle this, though: never let anything other
than a PAG appear. I don't have the source code in front of me at the
moment, but my recollection is that UIDs show up when the "look up a
PAG for this credential" operation returns NOPAG. If that operation
can never fail in this way (by, for example, lazily associating a fake
PAG with every UID) then no such confusion can occur. Some operating
systems may provide an efficient means for doing this, so it makes
sense to me to do the PAG-based versus UID-based context handling in
this way.
(Implementing this as a TrustedBSD MAC policy, for example, should be
fairly easy and provide all the expected semantics.)
-GAWollman
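The lazy-allocation scheme described in the message above, as an added example (not OpenAFS code and not anything from the thread's authors): a single PAG allocator serves both explicit setpag()-style PAGs and per-UID synthetic ones, so the "look up a PAG for this credential" operation only returns NOPAG on table exhaustion and callers never see a bare UID in the PAG namespace. The `NOPAG` sentinel, the `cred`/`uid_slot` structures, the table size and the function names are assumptions made for illustration; the sample credentials in `main` are constructed.

```c
/* Added example: lazy per-uid PAG assignment so a PAG lookup never returns
 * a bare uid. Not OpenAFS code; NOPAG, the table size and all names here
 * are assumptions made for illustration. */
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define NOPAG ((uint32_t)0xffffffffu)   /* assumed sentinel: "no PAG found" */
#define UID_TABLE_SIZE 256               /* assumed size of the per-uid table */

/* A credential as the lookup sees it: the real uid, plus the PAG the
 * process explicitly joined (setpag-style), or NOPAG if it never did. */
struct cred {
    uint32_t uid;
    uint32_t pag;
};

/* One allocator for every PAG, explicit or synthesized, so the two kinds
 * can never collide and nothing downstream needs a marker bit to tell a
 * PAG from a uid. */
static uint32_t next_pag = 1;

uint32_t alloc_pag(void)
{
    return next_pag++;
}

/* Per-uid table of lazily synthesized PAGs (linear scan here; a kernel
 * would use whatever efficient per-uid hook the OS provides). */
struct uid_slot {
    int used;
    uint32_t uid;
    uint32_t pag;
};
static struct uid_slot uid_table[UID_TABLE_SIZE];

void reset_pag_state(void)
{
    memset(uid_table, 0, sizeof uid_table);
    next_pag = 1;
}

/* Return the synthetic PAG for uid, creating it on first use.
 * Exhausting the table is the only remaining failure mode. */
uint32_t pag_for_uid(uint32_t uid)
{
    int i;
    for (i = 0; i < UID_TABLE_SIZE; i++) {
        if (uid_table[i].used && uid_table[i].uid == uid)
            return uid_table[i].pag;
        if (!uid_table[i].used) {
            uid_table[i].used = 1;
            uid_table[i].uid = uid;
            uid_table[i].pag = alloc_pag();
            return uid_table[i].pag;
        }
    }
    return NOPAG;
}

/* The "look up a PAG for this credential" operation: the explicit PAG if
 * the process joined one, otherwise the uid's synthetic PAG. Every
 * per-context structure can therefore be keyed on the PAG alone. */
uint32_t pag_for_cred(const struct cred *c)
{
    if (c->pag != NOPAG)
        return c->pag;
    return pag_for_uid(c->uid);
}

/* Do two credentials share an AFS authentication context? */
int same_context(const struct cred *a, const struct cred *b)
{
    return pag_for_cred(a) == pag_for_cred(b);
}

int main(void)
{
    /* Constructed sample credentials. */
    struct cred shell = { 1000, NOPAG };
    struct cred cron  = { 1000, NOPAG };
    struct cred other = { 1001, NOPAG };
    struct cred sess  = { 1000, NOPAG };

    sess.pag = alloc_pag();   /* this process ran setpag() */

    printf("uid 1000 default context: %u\n", pag_for_cred(&shell));
    printf("shell and cron share:     %d\n", same_context(&shell, &cron));
    printf("shell and uid 1001:       %d\n", same_context(&shell, &other));
    printf("shell and setpag'd shell: %d\n", same_context(&shell, &sess));
    return 0;
}
```

The point the example makes concrete: two processes of the same uid that never called setpag() land in the same synthetic PAG, a process that did call it is in a distinct one, and a different uid is in yet another, all without any caller inspecting marker bits. What the scheme does not remove is the resource question: the per-uid table (or its kernel equivalent) now grows with the number of distinct uids that touch AFS, and the NOPAG return on exhaustion still has to be handled somewhere.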