From: Markus Wichmann <nullplan@gmx.net>
To: musl@lists.openwall.com
Cc: Kate Deplaix <kit-ty-kate@outlook.com>
Subject: Re: [musl] [PATCH] Increase NGROUPS_MAX from 32 to 1024
Date: Thu, 11 Apr 2024 04:58:48 +0200 [thread overview]
Message-ID: <ZhdR6Cl386bK454k@voyager> (raw)
In-Reply-To: <20240411010738.GY4163@brightrain.aerifal.cx>
Am Wed, Apr 10, 2024 at 09:07:38PM -0400 schrieb Rich Felker:
> As for the macro, I think it's actually valid to define it as 65536,
> since even if we're running on an old kernel, there is no conformance
> distinction. I'm not sure if this is the nicest thing to do though.
> Apps may want to start with a buffer of size NGROUPS_MAX and increase
> it up to the sysconf value rather than allocating a giant amount of
> memory that will never in practice be used. This should be further
> discussed, particularly what impact it might have on application
> behavior and memory usage.
>
I had a look at Debian Codesearch for NGROUPS_MAX, to see what
applications are actually doing with the macro. And I found no instance
of anyone using it as an array size. That's what had me most worried,
because obviously increasing an array size by a few orders of magnitude
can cause a stack overrun.
A lot of applications use it or the sysconf() equivalent as upper bounds
for allocations, or even for setgroups(). So they should be fine with an
increase.
> It does have a TOCTOU race if the groups db changes
> between the first call and the retry.
Well, a lot of the login process has races if the user db changes during
the process. I think that is reasonable. As long as the race is resolved
in a safe way (as in, setting either the complete old list or the
complete new list), I think this is sensible. Although, now that I think
about it, the worst that could happen is someone being added to a group
and getting a truncated group list. And then they just have to re-login.
Which they already have to do anyway after being added to a group; they
were just too fast.
Ciao,
Markus
next prev parent reply other threads:[~2024-04-11 2:59 UTC|newest]
Thread overview: 10+ messages / expand[flat|nested] mbox.gz Atom feed top
2023-11-14 23:35 Kate Deplaix
2024-03-11 18:31 ` [musl] " Kate Deplaix
2024-03-12 0:46 ` Rich Felker
2024-04-09 12:54 ` Kate Deplaix
2024-04-09 15:46 ` Thorsten Glaser
2024-04-09 16:26 ` Rich Felker
2024-04-11 1:07 ` [musl] " Rich Felker
2024-04-11 1:51 ` Rich Felker
2024-04-11 2:58 ` Markus Wichmann [this message]
2024-04-11 11:44 ` Laurent Bercot
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=ZhdR6Cl386bK454k@voyager \
--to=nullplan@gmx.net \
--cc=kit-ty-kate@outlook.com \
--cc=musl@lists.openwall.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
Code repositories for project(s) associated with this public inbox
https://git.vuxu.org/mirror/musl/
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).