Important fix for RC1
Olivier Fourdan
fourdan at xfce.org
Sun Nov 14 10:53:36 CET 2004
Benny
Ok, let's say. Commit that, and we'll see. I won't have time to complete
the release right now anyway, so I put it on hold for now.
Doesn't sounds like a security issue anyway, does it?
Cheers,
Olivier.
On Sun, 2004-11-14 at 10:42 +0100, Benedikt Meurer wrote:
> Olivier Fourdan wrote:
> > Benny,
>
> Hey Olivier,
>
> > Can you tell us a bit more about the problem?
>
> Sure; the kiosk mode uses getgroups(2) to query the gids of the user
> owning the process. Normally, getgroups should not ever return more than
> NGROUPS_MAX gids, as that's the system limited. Unfortunately linux
> systems seem to allow more than NGROUPS_MAX gids (that said, the
> NGROUPS_MAX value is wrong) which in turn makes the kiosk init code fail
> (e.g. one user reported that his system limits the number of gids to 32,
> but he can still set 33 groups...).
>
> > We shall either release as is or cancel the release. There will be no
> > update (everything is in place, I've uploaded all files, I won't redo
> > all the work)
>
> Ok, then it'll have to wait for RC2.
>
> > Cheers,
> > Olivier.
>
> regards,
> Benedikt
> _______________________________________________
> Xfce4-dev mailing list
> Xfce4-dev at xfce.org
> http://lunar-linux.org/mailman/listinfo/xfce4-dev
>
More information about the Xfce4-dev
mailing list