
?max number of users per group?



I was trying something on a test webserver
using OpenBSD 2.8 current
(make build about a week ago)

I edited /etc/group so that the www user
was a member of about thirty other groups.
(maybe not elegant, but I was trying it)

When I noticed that the www user couldn't
get permission to many of the groups that
it should have been a member of.

Temporarily I used vipw to allow a login
for www to see what was going on.

I noted that the 'id' command only listed
about the first 16 of the groups www should
have been in.  And sure enough, from the
shell I could not get in the not listed
groups.  Also the web browser seemed to
work and not work for permission to view
files that the user www should be able to see.

Hmm so I edited /etc/group so that only 2 users
had www as a member of their group and then
both the www user and the web server had no
problem with file permissions.

Don't flame me about the security of the www user please,
I am not recommending this approach necessarily I just
was noodling around with over 20 non-www users each having
their own individual group and each inviting www to group
then having files with group set to read so www could read it
(chmod 750) but so each non-www user could not see/read the
other non-www user.
(www has to be able to read even on virtualhosts except
when suEXEC runs a user/group id for cgi on virtualhosts).

BUT AFTER seeing group permission problems when a single user
is a member of lots of groups I am now concerned/confused about the
operating system, I was not aware of a specific limitation for the
number of groups a user could be a member of?

Is this a known limitation that
a user can only be a member of x number of groups?
OR a valid concern possible bug
Or am I just confused....(more like)

I did try to search for a bug like this on the 
OpenBSD bug tracking system but may have missed it.

I wanted to ask the list before I tried to do a
bug report that may be erroneous.


-TIA
 paul <ppruett_(_at_)_webengr_(_dot_)_com>
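
Added example, not part of the original post: a check that reads text in /etc/group format and reports users listed in more groups than a given per-process limit, with the running system's limit read through `sysconf(SC_NGROUPS_MAX)`. The function names and the sample group file are constructed for illustration; the fallback of 16 is the count the post reports, the primary group from the passwd file is not counted, and treating the first entries in file order as the ones kept is an assumption.

```python
import os
from collections import defaultdict

# Constructed sample in /etc/group format (name:passwd:gid:member,member,...):
# twenty per-user groups that each invite www, as in the setup the post describes.
SAMPLE_GROUP_FILE = "\n".join(
    ["www:*:67:", "wheel:*:0:root"]
    + [f"user{i}:*:{1000 + i}:user{i},www" for i in range(1, 21)]
)


def system_group_limit():
    """Supplementary-group limit of the running system, or None if unknown."""
    try:
        value = os.sysconf("SC_NGROUPS_MAX")
    except (AttributeError, ValueError, OSError):
        return None
    return value if value > 0 else None


def memberships(group_text):
    """Map each user to the groups that list it as a member, in file order."""
    result = defaultdict(list)
    for line in group_text.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        fields = line.split(":")
        if len(fields) < 4:
            continue  # malformed entry, skip it
        name, members = fields[0], fields[3]
        for user in members.split(","):
            user = user.strip()
            if user and name not in result[user]:
                result[user].append(name)
    return dict(result)


def over_limit(group_text, limit):
    """Return {user: memberships past the first `limit`} for users over the limit.
    Assumption: entries are kept in file order; the real cut-off is system-specific."""
    found = memberships(group_text)
    return {u: g[limit:] for u, g in found.items() if len(g) > limit}


if __name__ == "__main__":
    limit = system_group_limit() or 16  # 16 is the count observed in the post
    for user, extra in over_limit(SAMPLE_GROUP_FILE, limit).items():
        print(f"{user}: {len(extra)} group(s) past the limit of {limit}: {extra}")
```

To audit a live system, pass the contents of its group file in place of the constructed sample.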