Re: [PATCH] fexecve

To: Emmanuel Dreyfus <manu%netbsd.org@localhost>
Subject: Re: [PATCH] fexecve
From: Thor Lancelot Simon <tls%panix.com@localhost>
Date: Thu, 15 Nov 2012 15:55:02 -0500

On Thu, Nov 15, 2012 at 08:20:30PM +0100, Emmanuel Dreyfus wrote:
> Thor Lancelot Simon <tls%panix.com@localhost> wrote:
> 
> > The point is, this is interesting functionality that makes something
> > new possible that is potentially useful from a security point of view,
> > but the new thing that's possible also breaks assumptions that existing
> > code may rely on to get security guarantees it wants.  
> 
> Well, it is standard mandated and we want to be standard compliant. If

I'm sorry, I consider the above an unsupported assertion about what "we"
want.  The SVID is a standard, and we certainly don't want to conform to it...

NetBSD's original statement on standards was that we sought conformance
with "reasonable" standards -- and that, specifically, some of the XPG
standards (which eventually became the current incarnation of POSIX)
were not "reasonable".

I think there's significant sentiment among the developers that in
fact the current POSIX process is producing standards that include
some functionality we don't want to implement.  That these are standards
from which we need to carefully pick and choose, taking the good parts
and leaving the bad parts be.

In particular, most of the very active participants in that standards
process are paid participants working for commercial Linux vendors.  They
often seem to push half-baked proposals which meet their customers' needs
but aren't good general purpose solutions, or in some cases even solutions
to problems that actually exist at all.  And there are so many of these
that some of the really crummy ones slip through, because often only the
people pushing them are being paid to spend time on the standards process.

Look at the botch with the names of the functions you're currently
implementing, or what almost got done last year with filename translation
(headed off at the pass partly because a number of NetBSD developers
noticed it and vociferously objected).  These don't to me bespeak a
standard so elegantly or carefully constructed that we should seek
mindless conformance with its every whim.

Thor

References:
- Re: [PATCH] fexecve
  - From: Thor Lancelot Simon
- Re: [PATCH] fexecve
  - From: Emmanuel Dreyfus

Prev by Date: Re: [PATCH] fexecve
Next by Date: Re: [PATCH] fexecve
Previous by Thread: Re: [PATCH] fexecve
Next by Thread: Re: [PATCH] fexecve
Indexes:

Home | Main Index | Thread Index | Old Index