On Sat, 27 Aug 2005, Elad Efrat wrote:
> Forgot to mention to the list; code is available at
> ftp://ftp.netbsd.org/pub/NetBSD/misc/elad/privacy/

A few comments:

The following functions are not documented in manpages:
  * privacy_uid()
  * privacy_proc() - aren't there already routines to do that? Maybe
    look at CANSIGNAL() in kern_sig.c
I wonder if they can be made generic functions, and be put into a more
generic place - they arenot really "privcy" specific, are they?

Maybe move the description what the functions in kern_privacy.c do
into the comment _above_ the functions. See /usr/share/misc/style.

Also, sysctls are not documented.

Last, a question: do I understand it correctly that those two sysctl knobs 
allow/disallow retrieving process stats sysctls (e.g. for ps(1)) and 
network stats sysvtls (e.g. for netstats(1)) for all/only the owner (and 
root) of a process?

How about not showing processes e.g. outside a chroot, like we already do 
for mountpooints?

Mayve this whole "privacy" thing should be discussed through first... 
("design"?)


  - Hubert