Subject: Re: kern.showallprocs implementation
To: Elad Efrat <>
From: Hubert Feyrer <>
List: tech-kern
Date: 08/27/2005 17:42:00
On Sat, 27 Aug 2005, Elad Efrat wrote:
> Forgot to mention to the list; code is available at

A few comments:

The following functions are not documented in manpages:
  * privacy_uid()
  * privacy_proc() - aren't there already routines to do that? Maybe
    look at CANSIGNAL() in kern_sig.c
I wonder if they can be made generic functions, and be put into a more
generic place - they arenot really "privcy" specific, are they?

Maybe move the description what the functions in kern_privacy.c do
into the comment _above_ the functions. See /usr/share/misc/style.

Also, sysctls are not documented.

Last, a question: do I understand it correctly that those two sysctl knobs 
allow/disallow retrieving process stats sysctls (e.g. for ps(1)) and 
network stats sysvtls (e.g. for netstats(1)) for all/only the owner (and 
root) of a process?

How about not showing processes e.g. outside a chroot, like we already do 
for mountpooints?

Mayve this whole "privacy" thing should be discussed through first... 

  - Hubert