i like this idea.

   
   1049a1058,1080
   >  * sysctl helper function for kern.showallprocs. allowed values are 0 and 1.
   >  */
   > static int
   > sysctl_kern_showallprocs(SYSCTLFN_ARGS)
   > {
   > 	int error, nshowallprocs;
   > 	struct sysctlnode node;
   > 	
   > 	nshowallprocs = showallprocs;
   > 	node = *rnode;
   >         node.sysctl_data = &nshowallprocs;
   > 	error = sysctl_lookup(SYSCTLFN_CALL(&node));
   > 	if (error || newp == NULL)
   > 		return (error);
   >         if (nshowallprocs < 0 || nshowallprocs > 1)
   > 		return (EINVAL);
   > 
   > 	showallprocs = nshowallprocs;
   > 
   > 	return (0);
   > }

is this necessary?  can't we just define it as being 0 or non-zero
and not have to have the extra code of this function? 

(it seems there are a lot of these "tiny" functions to check sysctl..
i wonder if a generic method for min/max bounds checking could be
implemented in the sysctl framework itself?  it seems there'd be
dozens or even hundreds of functions that could be removed ...)

   > /*
   1897a1929,1939
   >                 /*
   > 	 	 * If kern.showallprocs == 0, then skip processes that don't 
   > 		 * match the UID of the calling process. Root is allowed to 
   > 		 * see every process.
   > 		 */
   > 		if (!showallprocs)
   > 			if (l->l_proc->p_ucred->cr_uid) 
   > 				if (p->p_ucred->cr_uid != 
   > 					l->l_proc->p_ucred->cr_uid)
   > 						continue;

any reason this isn't written as:
	continue;
	if (!showallprocs && l->l_proc->p_ucred->cr_uid &&
	    p->p_ucred->cr_uid != l->l_proc->p_ucred->cr_uid)
		continue;



thanks.


.mrg.