tech-kern: Re: kern.showallprocs implementation

Subject: Re: kern.showallprocs implementation
To: Rui Paulo <rpaulo@NetBSD.org>
From: Bill Studenmund <wrstuden@netbsd.org>
List: tech-kern
Date: 08/29/2005 15:24:09
--pWJxWxNlJUNgDlXi
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

On Mon, Aug 29, 2005 at 11:03:59PM +0100, Rui Paulo wrote:
> On 2005.08.29 14:20:06 +0000, Bill Studenmund wrote:
> | On Mon, Aug 29, 2005 at 11:39:51PM +0300, Elad Efrat wrote:
> | > Bill Studenmund wrote:
> | >=20
> | > Would you object to adding a sysctl node named ``security'' (either
> | > under ``kern'' or as a new main one), and underneath it another node,
> | > ``privacy'', and underneath it a knob similar to ``see_other_uids''?
> |=20
> | Why not just use the FreeBSD name? If there is a good reason to use a=
=20
> | different name, so be it. But I am not sure that we have heard one. We=
=20
> | will (I expect) want to support it for FreeBSD compat, so if there is n=
o=20
> | reason to be different, why not just make them the same?
>=20
> I prefer:
> 	security.bsd.*
> And no variables_like_this_one. It's ugly, IMHO.

Part of the reason I suggested using the FreeBSD names is that no names=20
jump out at me as the best name to use. So in cases of indecision, go with=
=20
prior art. :-)

If the consensus is that variables_like_this_one are ugly, then that is a=
=20
reason for a different name. Is it a sufficent reason to be different from=
=20
prior art? Not sure. I will however not argue the point.

> | Also, I am partially enamored of what FreeBSD has done with the naming
> | here. They are indicating. with the "bsd" node under "security", that
> | these controls/status are part of the "bsd" security model. Yes, "unix"=
 =20
> | could have been used, as well as "uid/gid" (but that seems unwieldy). B=
ut
> | we leave space for future models, which our discussions indicate may so=
on=20
> | be coming (well, I hope so :-). [...]
>=20
> I agree. FreeBSD folks have security.bsd.* and security.jail.* and that
> seems to be well organized:
> 	security.<framework>.<option>
>=20
> Also, Elad's code works perfectly after my netstat(1) changes, so we have
> 1) working code; 2) a discussion on which sysctl variable to use;
>=20
> 2) should end ASAP!

So then what name do you propose? security.bsd.?

Take care,

Bill

--pWJxWxNlJUNgDlXi
Content-Type: application/pgp-signature
Content-Disposition: inline

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.3 (NetBSD)

iD8DBQFDE4sJWz+3JHUci9cRAoCvAJ9uFnF4gsOTuIw+qvYIoSEGqvu7UACdFFOn
XCErCf5GX0SBPQYTPSeTa0U=
=gkDy
-----END PGP SIGNATURE-----

--pWJxWxNlJUNgDlXi--