When changing the kernel to handle groups beyond 32, and of course the
glibc as well, I noticed that I could no longer SSH out of the box.
The problem with this is not huge, ask a few questions, some more
recompiling and then ssh will start working. Fine.
The problem now is more one of maintenance. Most distributions do not
support groups > 32 AFAIK. So, it's lead me to ask the following
questions:
1. Why, in general, is the limit so low?
For specific application, mainly auditing and such, this would be
advantageous I think.
2. What is required to limit the dependence on groups to just GLIBC or
just the kernel? Is that even possible?
3. Is there any true advantage to supporting more than 32 groups, or
creating "meta-groups" to get around the problem?
The main reason I ask, is because just like the unknown with ssh not
supporting > 32 groups without modification, there can be others. Plus
with most distros, using automated upgrades via push, or some such
mechanism is encumbered by customizations to glibc, ssh, and potentially
other packages.
-- Austin Gonyou <austin@digitalroadkill.net> - To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
This archive was generated by hypermail 2b29 : Tue Jul 23 2002 - 22:00:24 EST