From owner-cvs-all Thu Oct 25 0:28:21 2001 Delivered-To: cvs-all@freebsd.org Received: from mailman.zeta.org.au (mailman.zeta.org.au [203.26.10.16]) by hub.freebsd.org (Postfix) with ESMTP id A280237B403; Thu, 25 Oct 2001 00:28:14 -0700 (PDT) Received: from bde.zeta.org.au (bde.zeta.org.au [203.2.228.102]) by mailman.zeta.org.au (8.9.3/8.8.7) with ESMTP id RAA08070; Thu, 25 Oct 2001 17:28:12 +1000 Date: Thu, 25 Oct 2001 17:27:16 +1000 (EST) From: Bruce Evans X-X-Sender: To: John Baldwin Cc: Robert Watson , , Subject: RE: cvs commit: src/sys/sys socketvar.h In-Reply-To: Message-ID: <20011025172521.P77131-100000@delplex.bde.org> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-cvs-all@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG On Wed, 24 Oct 2001, John Baldwin wrote: > On 25-Oct-01 Robert Watson wrote: > > rwatson 2001/10/24 19:03:37 PDT > > > > Modified files: > > sys/sys socketvar.h > > Log: > > o Remove extern showallsockets, defunct as of the change to > > kern.security.seeotheruids_permitted. This was missed in the > > commit that made this change elsewhere. > > As a somewhat unrelated sidenote: can you trim the name of that sysctl to > kern.security.seeotheruids, or perhaps to kern.security.see_other_uids (which > is easier on my eyes at least). It would seem that the '_permitted' is > redundant and not needed just as the old ps syctl was ps_showallprocs, not > ps_showallprocs_permitted. Please also trim the corresponding kernel variable name, and other long names. Index: kern_prot.c =================================================================== RCS file: /home/ncvs/src/sys/kern/kern_prot.c,v retrieving revision 1.115 diff -u -2 -r1.115 kern_prot.c --- kern_prot.c 11 Oct 2001 23:38:15 -0000 1.115 +++ kern_prot.c 12 Oct 2001 10:25:13 -0000 @@ -1351,8 +1297,10 @@ * of processes and sockets with credentials holding different real uid's * is possible using a variety of system MIBs. + * XXX: this variable is disgustingly verbosely named. + * XXX: data declarations should be together near the beginning of the file. */ static int kern_security_seeotheruids_permitted = 1; -SYSCTL_INT(_kern_security, OID_AUTO, seeotheruids_permitted, - CTLFLAG_RW, &kern_security_seeotheruids_permitted, 0, +SYSCTL_INT(_kern_security, OID_AUTO, seeotheruids_permitted, CTLFLAG_RW, + &kern_security_seeotheruids_permitted, 0, "Unprivileged processes may see subjects/objects with different real uid"); @@ -1516,4 +1463,8 @@ * * XXX: Should modifying and reading this variable require locking? + * XXX: this variable is disgustingly verbosely named, yet is not verbose + * enough to completely match the corresponding sysctl name which begins + * with `kern_security' instead of `kern'. + * XXX: data declarations should be together near the beginning of the file. */ static int kern_unprivileged_procdebug_permitted = 1; To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe cvs-all" in the body of the message