[Bug 787] Minor security problem due to use of deprecated NGROUPS_MAX in uidswap.c (sshd)
bugzilla-daemon at mindrot.org
Tue Feb 24 10:36:44 EST 2004
http://bugzilla.mindrot.org/show_bug.cgi?id=787
------- Additional Comments From openssh_bugzilla at hockin.org 2004-02-24 10:36 -------
NGROUPS_MAX might be INT_MAX. You *can't* use it as an array size.
We could replace getgrouplist() with a hand-rolled:
int get_ngroups(const char *user);
That would avoid the reliance on using getgrouplist() with a short list. How
hard is it to walk the getgr* functions to count how many groups you are in? We
can add the 'base' group, too, and filter that out from the getgr* results. I
bet it's 20 lines of code.
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.