On Wed, 22 May 2024 22:17:53 +0100, Rainer Weikusat
<
rweikusat@talktalk.net> wrote in <
874japwnpa.fsf@doppelsaurus.mobileactivedefense.com>:
The initgroups and getgrouplist functions take an additional gid
argument and this gid is added to the set of returned groups
(getgrouplist) or groups the supplementary group list is set to
(initgroups). Man pages for the latter typically say something like
This is typically the real group ID from the user database.
about the additional gid argument.
One could argue that the additional gid argument to getgroupslist makes
some sense because it's supposed to return all groups the user is member
of, although that's still a weird interface. But for initgroups, this
gid will end up on the supplementary groups list of the process, taking
up one of the available slots there, despite this isn't necessary (on
Linux at least) when - as suggested by the manpage - the passed value is
the user's primary group which will usually be (or need to become if a persona change is supposed to take place) the (e)gid of the process.
I assume this additional argument is good for something in some
situation, however, I have no idea what this something and said
situation could be. Does anybody know more about this and would be
willing to share it?
Beats me why it's done this way, but thought I'd point out that
on Linux, NGROUPS_MAX -- though it used to be only 16 -- is now
65536.
Just checked MacOS though -- there, it is still 16.
#include <stdio.h>
#include <limits.h>
int main (void)
{
printf("%d\n",NGROUPS_MAX);
return 0;
}
--
-v
--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)