Subject: Re: CVS commit: src/sys/kern
To: None <elad@NetBSD.org>
From: YAMAMOTO Takashi <email@example.com>
Date: 06/14/2006 14:52:34
[ moved from source-changes@ ]
> > Module Name: src
> > Committed By: yamt
> > Date: Tue Jun 13 13:52:39 UTC 2006
> > Modified Files:
> > src/sys/kern: uipc_domain.c
> > Log Message:
> > sysctl_unpcblist: don't abuse kauth_authorize_process for non-process object.
> I plan on removing the CURTAIN() macro.
it's one of reasons why i looked into this code. :-)
> If we're already looking at it,
> how about we add a KAUTH_GENERIC_CANSEE,
although it's definitely better than CURTAIN or abusing KAUTH_PROCESS_CANSEE,
i'm not sure if it's a good idea.
i'm not even sure if abusing fp->f_cred here is a good idea.
> and model KAUTH_PROCESS_CANSEE
> after process_checkioperm(), and deprecate the latter?
> (or something along these lines)
IMO, performing I/O and "cansee" are very different.