Re: Supplemental Groups
* Steve Grubb (sgrubb(a)redhat.com) wrote:
On Tuesday 22 February 2005 12:50, Chris Wright wrote:
> I don't know, I don't think it's explicitly required by CAPP (unless
> you interpret subject identity to include suplemental group IDs).
Yes, this is what I was meaning.
> As far as groups go, they can become large (no longer a fixed size array).
I'm only wondering about the one group that was used to grant access, not the
whole collection that any user belongs to.
Yeah, that's the bit that's not tracked at all.
thanks,
-chris
--
Linux Security Modules http://lsm.immunix.org http://lsm.bkbits.net