Date: Wed, 23 May 2001 17:52:21 +0200 From: Thomas Moestl <tmm@freebsd.org> To: audit@freebsd.org Cc: Dima Dorfman <dima@unixfreak.org> Subject: Re: Patch to remove setgid bit from ipcs(1) Message-ID: <20010523175221.C594@crow.dom2ip.de> In-Reply-To: <20010523033507.47C433E6B@bazooka.unixfreak.org>; from dima@unixfreak.org on Tue, May 22, 2001 at 08:35:07PM -0700 References: <20010523033507.47C433E6B@bazooka.unixfreak.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On Tue, 2001/05/22 at 20:35:07 -0700, Dima Dorfman wrote: > > Hmm, it seems to me that we export all members of this structure, so > > why export it again as a whole? While it might be better to pack things > > into a structure (which may however introduce problems when the > > structure changes), I'm not sure whether should really export this > > more than once just because of that. > > This also seems to apply to shared memory part. > > It's a compromise between exorting the entire structure or > complicating the userland part to do sysctl on all the different > fields and construct the structure itself. This was the simpler > approach, which is why I chose it. Do you think it's worth > complicating the kget() routine instead? Hmm. I don't really know. On any case, the separate sysctls need to stay because some of them are writable. Some message queue parameters might become tunable too some day, so if you decide to gather the information from separate variables, it might be better to export the message queue ones this way, too. I don't really like having duplicate data in the sysctl tree, OTOH it is a valid point that many applications would want to know all data at once and would thus need to do many more syscalls. Still... I don't like that ;) Anybody else having an opinion on this? > > I think the error message is redundant here, since you have passed an > > error string to kvm_open (which causes kvm library routines to print > > errors to stderr). Maybe printing the symbol name and just exiting > > should be sufficient. The error buffer seems not even to be filled > > when that string is set. > > This is indeed the documented behavior, but this isn't how the libkvm > code behaves. If I stick a "kaddr = 0;" right above that block, I get > the expected output: > > dima@spike% sudo ./ipcs -y > ipcs: msginfo: kvm_read: Bad address > > I can confirm that it is indeed the errx that is printing that. Am I > missing something, or is libkvm doing the wrong thing here? kvm_read seems to call kvm_[sys]err sometimes with the error string provided by the function, and sometimes with 0 as the program argument (where the 0 causes nothing to be written to stderr and the internal error string to be set). I'm not entirely sure why it is this way; it might be for Sun compatability as indicated by the manual page. I would suggest to use kvm_openfiles instead of kvm_open and always do explicit error reporting (which would only mean to add an errx() to kvm_openfiles(), as anything else already seems to do this). I'm sorry I got this wrong originally; although I had looked at the libkvm source, I missed it. - thomas To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-audit" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20010523175221.C594>