[RndTbl] "washing" a fork/exec to force all groups

[Trevor Cordes]

On 2023-04-19 Gilbert Detillieux wrote:
> 
> They may have had users like me in mind, who (over time) need to be 
> added to over 16 separate secondary groups (yeah, I was running into 
> that RPC AUTH_SYS 16-group limit in NFS, long before there was a
> simple fix).

Which makes me wonder... is there any command line program (or shell
option) that lets a normal user *drop* their supplemental groups?  I
don't see one.  You can change your primary group with newgrp/sg, but
the tools don't seem to let you manipulate supplemental groups.  Which
further leads me to believe that no one in the *NIX world thinks
dropping groups is a worthwhile, good or needed idea.

Furhter, perl doesn't seem to give you anything to manipulate this in
core either, which I find really strange.  perl usually lets you do
*all* of this user/group system stuff, even if only through vaguely
named special vars: $) anyone? (Ok, ya they now have pretty names too.
But if modern much-vaunted jquery can do $() then I can have my $)
thank you very much. <smirk>)  So that leads me to believe perl-people
think the idea is useless.

I was going to say postfix could let the user decide by running /bin/dg
(which I'm coining just now, drop-groups) before their desired command.
That would be more unix-y by letting the user decide and chain commands
as they see fit.

Oh ya, I realized ACLs could probably also solve my root problem.  But
I don't think I'll ever stoop to using ACLs on Linux.  I eradicate them
everywhere I see them.  Evil!