Subject: Re: kauth and access to process credentials
To: None <tech-security@NetBSD.org, tech-kern@NetBSD.org>
From: der Mouse <mouse@Rodents.Montreal.QC.CA>
List: tech-kern
Date: 02/19/2007 03:20:22
>> The problem is that once the #defines or inlines exist in a header,
>> users of the defines/inlines will include that header to get the
>> definitions.  At this point both the structure and the
>> defines/inlines become visible to the users, and nobody can prevent
>> the users to use the field members of the functions directly instead
>> of going through the inlines.
> C isn't an object-oriented language where we can really hide that
> stuff.  All we can do is provide the proper interfaces, and shoot
> down any patches that Do the Wrong Thing.

Well, it *is* possible to make it more difficult.  We could, for
example, gratuitously rename the non-publicized struct members once a
month, thus overtly breaking any code that's depending on them.  (Of
course, this implies renaming them in the implementation code that *is*
supposed to use them, too.)

/~\ The ASCII				der Mouse
\ / Ribbon Campaign
 X  Against HTML	       mouse@rodents.montreal.qc.ca
/ \ Email!	     7D C8 61 52 5D E7 2D 39  4E F1 31 3E E8 B3 27 4B