https://bugzilla.novell.com/show_bug.cgi?id=740110
https://bugzilla.novell.com/show_bug.cgi?id=740110#c14
Andreas Jaeger changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |aj@suse.com
--- Comment #14 from Andreas Jaeger 2012-07-04 11:00:07 UTC ---
Looking at your submitrequest, I see:
++ gid_t gid = 0, oegid = 0, groups[64];
...
++ if ((oeuid = geteuid()) < 0 || (oegid = getegid()) < 0 ||
++ (ngids = getgroups(sizeof(groups)/sizeof(gid_t), groups)) < 0) {
++ syslog(LOG_ERR, "pam_ecryptfs: geteuid error");
++ goto outnouid;
this could fail if the user is in more than 64 groups, so I would give it a
separate if statement with extra syslog.
In general, I do not like hardcoding of limits. 64 groups might be a lot in
practice, but the real limit is much larger (run getconf NGROUPS_MAX).
Allocation via malloc is an alternative...
Btw. if you intend to use 64 groups as max, make it a compile time constant at
the beginning of the program instead of writing 64 in several places.
--
Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug.