Date: Thu, 25 Oct 2001 09:31:36 -0400 (EDT) From: Robert Watson <rwatson@FreeBSD.org> To: John Baldwin <jhb@FreeBSD.org> Cc: cvs-all@FreeBSD.org, cvs-committers@FreeBSD.org Subject: RE: cvs commit: src/sys/sys socketvar.h Message-ID: <Pine.NEB.3.96L.1011025090834.58424C-100000@fledge.watson.org> In-Reply-To: <XFMail.011024193708.jhb@FreeBSD.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On Wed, 24 Oct 2001, John Baldwin wrote: > > On 25-Oct-01 Robert Watson wrote: > > rwatson 2001/10/24 19:03:37 PDT > > > > Modified files: > > sys/sys socketvar.h > > Log: > > o Remove extern showallsockets, defunct as of the change to > > kern.security.seeotheruids_permitted. This was missed in the > > commit that made this change elsewhere. > > As a somewhat unrelated sidenote: can you trim the name of that sysctl > to kern.security.seeotheruids, or perhaps to > kern.security.see_other_uids (which is easier on my eyes at least). It > would seem that the '_permitted' is redundant and not needed just as the > old ps syctl was ps_showallprocs, not ps_showallprocs_permitted. The theory was I would append _approved and _permitted to fields in kern.security based on whether the corresponded to feature availability, or a policy decision. I agree that the current names are unwieldy, but am not yet sure I know what the right names should be. My temptation was to stick in an additional name, specifying the policy being modified, and trim the _whatever: kern.security.bsd.see_all_uids kern.security.bsd.unprivileged_proc_debug kern.security.bsd.suser_enabled This would allow other stuff to be slotted in dynamically when other policies are active: kern.security.cap.cap_enabled kern.security.cap.global_bound kern.security.mac.biba_enabled kern.security.mac.mls_enabled kern.security.mac.suser_overrides Does this seem more seemly to you? Robert N M Watson FreeBSD Core Team, TrustedBSD Project robert@fledge.watson.org NAI Labs, Safeport Network Services To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe cvs-all" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.NEB.3.96L.1011025090834.58424C-100000>