Jason Thorpe wrote:

> Darwin also provides an suser(), but it carries caveats:
> 
> 1- It is not implemented as a wrapper around KAUTH_GENERIC_ISSUSER

This is *exactly* what I am trying to avoid: authorization of requests
not via the discussed KPI. Note that I can't stand these zero
comparisons against the uid/euid.

> 2- It is marked as "going away".

The code provided on the branch already makes it go away; I think
that if we're going to do a suser() it should at least be a wrapper..

> Also note that the Darwin KAUTH_GENERIC_ISSUSER does NOT take the 
> accounting flags argument, and thus does not set ASU.  I think we 
> should try to stick to the Darwin KPI as much as possible, so I think 
> we should also skip the accounting flags argument for 
> KAUTH_GENERIC_ISSUSER.  If we still want to set ASU, then we need to 
> find another way to do it.

That is something I didn't want to get into, but would be easy enough
to change -- once we have figured what to do with the accounting bit.

> Yes, I think we should keep as close to Darwin's KPI as possible, in 
> this regard.

That would require a big sweep that I don't mind doing but would rather
postpone until more critical issues are solved, if no one minds. I
*will* change it.

-e.

-- 
Elad Efrat