Change Details

After commit 9da2fe96ff2e ("kern: fix setgroups(2) and getgroups(2) to match other platforms"), setgroups() does not set the effective GID anymore, and uses all passed groups as the supplementary group list. Fix initgroups() to set again the effective GID and make sure it is not passed as a supplementary group. To preserve the atomic behavior of the previous setgroups(2) call, substitute it with a call to setcred(2) instead of adding a call to seteuid(2). Update the manual page accordingly. While here, prefer a terminology referring to POSIX terms, i.e., use "effective group list" instead of "group access list". Fixes: 9da2fe96ff2e ("kern: fix setgroups(2) and getgroups(2) to match other platforms") Sponsored by: The FreeBSD Foundation

After commit 9da2fe96ff2e ("kern: fix setgroups(2) and getgroups(2) to match other platforms"), setgroups() does not set the effective GID anymore and uses all passed groups as the supplementary group list. This effectively breaks backwards compatibility with programs/libraries compiled on a FreeBSD 14 or earlier system. Restore compatibility by creating a new version of the 'initgroups' symbol that designates the current implementation and providing a pre-FreeBSD-15-compatible version under the symbol's previously exported version. The new version calls the new setgroups(2) system call, while the compatible one calls the original one (called freebsd14_setgroups()). Update the manual page with some history and comparison with other current open-source systems. Add a "SECURITY CONSIDERATIONS" section highlighting some security properties of this approach and the reasons we adopt it. While here, revamp the manual page, in particular to use the exact POSIX terminology where possible. Fixes: 9da2fe96ff2e ("kern: fix setgroups(2) and getgroups(2) to match other platforms") Sponsored by: The FreeBSD Foundation

After commit 9da2fe96ff2e ("kern: fix setgroups(2) and getgroups(2) to match other platforms"), setgroups() does not set the effective GID anymore, and uses all passed groups as the supplementary group list. Fix initgroups() to set again the effective GID and make sure it is notThis effectively breaks backwards compatibility with programs/libraries passed as a supplementary group. To preserve the atomic behaviorcompiled on a FreeBSD 14 or earlier system. Restore compatibility by creating a new version of the 'initgroups' previous setgroups(2) call, substitute it with a call to setcred(2)symbol that designates the current implementation and providing instead of adding a call to seteuid(2a pre-FreeBSD-15-compatible version under the symbol's previously exported version. The new version calls the new setgroups(2) system call, while the compatible one calls the original one (called freebsd14_setgroups()). Update the manual page accordingly. While here, prefer a terminologywith some history and comparison with other referring to POSIX terms, i.e., use "effective group list" instead ofcurrent open-source systems. Add a "SECURITY CONSIDERATIONS" section "group access list"highlighting some security properties of this approach and the reasons we adopt it. While here, revamp the manual page, in particular to use the exact POSIX terminology where possible. Fixes: 9da2fe96ff2e ("kern: fix setgroups(2) and getgroups(2) to match other platforms") Sponsored by: The FreeBSD Foundation