Subject: Re: kern.showallprocs implementation
To: None <tech-security@NetBSD.org>
From: Rui Paulo <email@example.com>
Date: 06/26/2004 03:29:22
On 2004.06.26 12:04:05 +0000, matthew green wrote:
> is this necessary? can't we just define it as being 0 or non-zero
> and not have to have the extra code of this function?
> (it seems there are a lot of these "tiny" functions to check sysctl..
> i wonder if a generic method for min/max bounds checking could be
> implemented in the sysctl framework itself? it seems there'd be
> dozens or even hundreds of functions that could be removed ...)
Yes, it's true. There are some sysctl functions that just check for ranges
of given values. Currently, I'm not aware of a way to make
sysctl_createv() check automagicly for ranges.
> > /*
> > /*
> > * If kern.showallprocs == 0, then skip processes that don't
> > * match the UID of the calling process. Root is allowed to
> > * see every process.
> > */
> > if (!showallprocs)
> > if (l->l_proc->p_ucred->cr_uid)
> > if (p->p_ucred->cr_uid !=
> > l->l_proc->p_ucred->cr_uid)
> > continue;
> any reason this isn't written as:
> if (!showallprocs && l->l_proc->p_ucred->cr_uid &&
> p->p_ucred->cr_uid != l->l_proc->p_ucred->cr_uid)
No, no reason at all :)
I think it's better the way you wrote it.
"Simplicity is the ultimate
-- Leonardo da Vinci