*** empty log message ***

svn path=/trunk/boinc/; revision=10736
2006-07-25 00:36:36 +00:00 · 2006-07-25 00:36:36 +00:00 · 56a9a1d701
parent f1200401c5
commit 56a9a1d701
5 changed files with 16 additions and 25 deletions
--- a/15
+++ b/15
@ -7931,3 +7931,18 @@ David  24 July 2006
        poll_my_result.php (new)
    languages/translations/
        en.po
+
+Charlie 24 July 2006
+    - Mac sandbox: don't set or require user boinc_master to be a member of group 
+        boinc_project (i.e., do not add group boinc_project to user boinc_master's 
+        supplementary groups list.)
+
+    client/
+        check_security.C
+    clientgui/
+        mac/
+            SetupSecurity.cpp
+    doc/
+        sandbox.php
+    mac_installer/
+        Installer.cpp
--- a/client/check_security.C
+++ b/client/check_security.C
@ -172,14 +172,6 @@ char *bundlePath, char *dataPath
    if (grp == NULL)
        return -1011;                // Group boinc_project does not exist
    boinc_project_gid = grp->gr_gid;
-
-    for (int i=0; ; i++) {                      // Step through all users in group boinc_project
-        char *p = grp->gr_mem[i];
-        if (p == NULL)
-            return -1012;            // User boinc_master is not a member of group boinc_project
-        if (strcmp(p, boinc_master_user_name) == 0)
-            break;
-    }
 #endif

 #if (defined(__WXMAC__) || defined(_MAC_INSTALLER)) // If Mac BOINC Manager or installer
--- a/clientgui/mac/SetupSecurity.cpp
+++ b/clientgui/mac/SetupSecurity.cpp
@ -81,7 +81,6 @@ static char                    chownPath[] = "/usr/sbin/chown";
 #define RIGHTS_COUNT 3          /* Count of the 3 above items */

 int CreateBOINCUsersAndGroups() {
-    char            buf1[80];
    OSStatus        err = noErr;

    err = CreateUserAndGroup(REAL_BOINC_MASTER_NAME, REAL_BOINC_MASTER_NAME);
@ -91,13 +90,6 @@ int CreateBOINCUsersAndGroups() {
    err = CreateUserAndGroup(REAL_BOINC_PROJECT_NAME, REAL_BOINC_PROJECT_NAME);
    if (err != noErr)
        return err;
-    
-    // Add user boinc_master to group boinc_project
-    sprintf(buf1, "/groups/%s", boinc_project_group_name);
-    // "dscl . -merge /groups/boinc_project users boinc_master"
-    err = DoPrivilegedExec(dsclPath, ".", "-merge", buf1, "users", boinc_master_user_name);
-    if (err != noErr)
-        return err;

    err = ResynchSystem();
    if (err != noErr)
--- a/doc/sandbox.php
+++ b/doc/sandbox.php
@ -76,7 +76,7 @@ These users and groups are created by the installation process.
 <li>User: <b>boinc_master</b>
 <ul>
 <li>Primary group: <b>boinc_master</b>
-<li>Supplementary groups: <b>boinc_project</b>
+<li>Supplementary groups: none
 </ul>
 <li>User: <b>boinc_project</b>
 <ul>
--- a/mac_installer/Installer.cpp
+++ b/mac_installer/Installer.cpp
@ -218,14 +218,6 @@ OSStatus IsLogoutNeeded(Boolean *result)
    if (pw->pw_gid != boinc_project_gid)
        return noErr;       // User boinc_project does not have group boinc_project as its primary group
        
-    for (i=0; ; i++) {              // Step through all users in group boinc_project
-        p = grp->gr_mem[i];
-        if (p == NULL)
-            return noErr;           // User boinc_master is not a member of group boinc_project
-        if (strcmp(p, boinc_master_user_name) == 0)
-            break;
-    }
-
    // Step through all visible users.  If user is a member of group admin, verify 
    // that user is also a member of both groups boinc_master and boinc_project.
    // NOTE: getgrnam and getgrgid use one static memory area to return their results,