Subject: Re: CVS commit: src/sys
To: Elad Efrat <>
From: Julio M. Merino Vidal <>
List: tech-security
Date: 06/23/2007 20:42:45
On 23/06/2007, at 20:24, Elad Efrat wrote:
>    Kernel Programming Interface
>      kauth exports a KPI that allows developers both of NetBSD and
>      third-party products to authorize requests, access and modify
>      credentials, create and remove scopes and listeners, and perform
>      other miscellaneous operations on credentials.
> here is what it says about accessor/mutators:
>    Credentials Accessors and Mutators
>      kauth has a variety of accessor and mutator routines to handle
>      kauth_cred_t objects.
>      The following routines can be used to access and modify the user-
>      and group-ids in a kauth_cred_t:
> [...]
> what is so poor about it? what is missing?

Maybe a rationale for this "complete abstraction" design and  
emphasizing that accessors and mutators are used to completely hide  
the implementation details.  This "kind of design" is not common  
among the kernel's interfaces, unfortunately, so it might be  
difficult for other developers to guess your initial intentions with  
the design.

Julio M. Merino Vidal <>