netbsd-bugs: Re: lib/33569 (systrace.h is not bundled with NetBSD distribution)

Subject: Re: lib/33569 (systrace.h is not bundled with NetBSD distribution)
To: None <lib-bug-people@netbsd.org, gnats-admin@netbsd.org,>
From: Jaromir Dolecek <jdolecek@NetBSD.org>
List: netbsd-bugs
Date: 05/28/2006 16:45:01

The following reply was made to PR lib/33569; it has been noted by GNATS.

From: Jaromir Dolecek <jdolecek@NetBSD.org>
To: gnats-bugs@NetBSD.org
Cc: lib-bug-people@NetBSD.org, gnats-admin@NetBSD.org,
	netbsd-bugs@NetBSD.org, kristaps@gradient-enterprises.com
Subject: Re: lib/33569 (systrace.h is not bundled with NetBSD distribution)
Date: Sun, 28 May 2006 18:41:41 +0200

 --/9DWx/yDrRhgMJTb
 Content-Type: text/plain; charset=us-ascii
 Content-Disposition: inline
 Content-Transfer-Encoding: quoted-printable
 
 On Sun, May 28, 2006 at 04:35:01PM +0000, Kristaps Johnson wrote:
 >  I concur.  Further, if systrace.h shan't be bundled, the systrace.4 manu=
 al=20
 
 systrace.4 describes kernel device driver, so references headers aren't
 necessarily usable by userland. This is true for all section 4 and
 section 9 manual pages.
 
 >  page should be modified, as it refers to nonexistent entities (the heade=
 r=20
 >  file is not explicitly mentioned, but structures, macros & ioctl values=
 =20
 >  are invalid).  Ergo the systrace device has a closed interface (restrict=
 ed=20
 >  to systrace.1).  This doesn't seem correct to me; the manual page refers=
 =20
 >  to /dev/systrace for "userland processes, such as systrace(1)".  But the=
 =20
 >  device's API is currently unavailable.  Is there a reason for not exposi=
 ng=20
 >  it?  If, for instance, there are security issues with systrace.h, why is=
 =20
 >  the device still being exported, and why is systrace.1 compiling with it?
 
 It's not matter of security issue, but backward compatibility - once
 it's exposed to userland, special care must be taken on each update
 to the functionality.
 
 I'd say that if Niels Provos agrees with exposing the interface
 to userland, it's just fine to export the header.
 
 Jaromir
 --=20
 Jaromir Dolecek <jdolecek@NetBSD.org>            http://www.NetBSD.cz/
 -=3D- We can walk our road together if our goals are all the same;     -=3D-
 -=3D- We can run alone and free if we pursue a different aim.          -=3D-
 
 --/9DWx/yDrRhgMJTb
 Content-Type: application/pgp-signature
 Content-Disposition: inline
 
 -----BEGIN PGP SIGNATURE-----
 Version: PGPfreeware 5.0i for non-commercial use
 MessageID: 9y0kBvd1l5ihG/eZYRD//i9KqafkMdzL
 
 iQCVAwUBRHnSwrZjOQfIPRaZAQF3GAP/X5nGWZO5Ugrqdl2lbHGaBGKffVw8F4S1
 zEXMzc7GLTWd2KelNLTviDT0oGdPE+CJU0Tq5PfzSW/NsnGd/cAwwrMnrVRhzzxu
 +3SI82+Dtijw9eUOn5mDAw7IWm+kX1BVmS67xDeC7k3zSdhzHRQ27pz5l8bEl4U6
 ojjQdcxVDi8=
 =p5UH
 -----END PGP SIGNATURE-----
 
 --/9DWx/yDrRhgMJTb--