Subject: Re: kern.showallprocs implementation
To: Elad Efrat <elad@NetBSD.org>
From: Bill Studenmund <firstname.lastname@example.org>
Date: 08/26/2005 15:29:30
Content-Type: text/plain; charset=us-ascii
On Sat, Aug 27, 2005 at 12:07:54AM +0300, Elad Efrat wrote:
> Geert Hendrickx wrote:
> > Users may accept that it works differently in future 4.0 than it would =
in 3.0. =20
> I already discussed this with Rui. If you insist on having this feature
> for NetBSD 3.0, then either implement a ``kern.privacy'' node and add
> something like ``kern.privacy.proc'', or I'll do it myself, but *please*
> don't use something like ``kern.showallprocs''.
If changing the naming gets us temporary consensus, let's do it.
> All it takes is two sysctl_createv() calls for the node and ``proc''
> knob, and writing a routine (``privacy_proc()''?) to determine if proc1
> can ``look'' at proc2. Then you call that function instead of the ``if''
> block the posted patch suggests.
I'm not sure that we really need this yet. While the sysctl is=20
externally-visible, this is not. I think this change can wait for=20
something more sophisticated in the future. Or a centralized framework,=20
when it makes more sense to call into the framework.
> That way you achieve what you want, you don't bound yourself to
> something that will be removed in the future, and you can easily extend
> it to other parts of the system (hint: netstat can do privacy too, and
> there's user demand).
I think the naming change is a good thing and leaves room for future=20
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.3 (NetBSD)
-----END PGP SIGNATURE-----