If there are more permissions than the maximum that can be handled by PHP, all permissions past that point get reset. The correct response would be to not process the excessive permissions.

Example. Given a site that has over 1400 permissions per role, and PHP with a maximum of 1000 input fields:

1. Go to /admin/people/permissions.
2. Select permissions for Administrator.
3. Update one permission.
4. Save permissions.

Actual result: Everything after the 1000th permission gets set to not permitted.
Expected result: Everything after the 1000th permission is unchanged.

Comments

Version: 7.24 » 7.x-dev

Core issues are now filed against the dev versions where changes will be made. Document the specific release you are using in your issue comment. More information about choosing a version.