From owner-cvs-all  Wed Oct 10 10:40:52 2001
Delivered-To: cvs-all@freebsd.org
Received: from ns.yogotech.com (ns.yogotech.com [206.127.123.66])
	by hub.freebsd.org (Postfix) with ESMTP
	id 9364837B406; Wed, 10 Oct 2001 10:40:39 -0700 (PDT)
Received: from nomad.yogotech.com (nomad.yogotech.com [206.127.123.131])
	by ns.yogotech.com (8.9.3/8.9.3) with ESMTP id LAA25508;
	Wed, 10 Oct 2001 11:40:36 -0600 (MDT)
	(envelope-from nate@nomad.yogotech.com)
Received: (from nate@localhost)
	by nomad.yogotech.com (8.8.8/8.8.8) id LAA10276;
	Wed, 10 Oct 2001 11:40:35 -0600 (MDT)
	(envelope-from nate)
From: Nate Williams <nate@yogotech.com>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Message-ID: <15300.34835.416990.972225@nomad.yogotech.com>
Date: Wed, 10 Oct 2001 11:40:35 -0600
To: Dag-Erling Smorgrav <des@ofug.org>
Cc: Garrett Wollman <wollman@khavrinen.lcs.mit.edu>,
	cvs-committers@FreeBSD.org, cvs-all@FreeBSD.org
Subject: Re: cvs commit: src/sys/kern kern_proc.c kern_prot.c uipc_socket.c uipc_usrreq.c src/sys/netinet raw_ip.c tcp_subr.c udp_usrreq.c
In-Reply-To: <xzpy9mjfq4z.fsf@flood.ping.uio.no>
References: <200110092140.f99LeVA74145@freefall.freebsd.org>
	<xzp7ku3h6c8.fsf@flood.ping.uio.no>
	<200110101522.f9AFM0S63283@khavrinen.lcs.mit.edu>
	<xzpy9mjfq4z.fsf@flood.ping.uio.no>
X-Mailer: VM 6.95 under 21.1 (patch 12) "Channel Islands" XEmacs Lucid
Reply-To: nate@yogotech.com (Nate Williams)
Sender: owner-cvs-all@FreeBSD.ORG
Precedence: bulk
List-ID: <cvs-all.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20cvs-all>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20cvs-all>
X-Loop: FreeBSD.ORG

> > > > "Unprivileged processes may see subjects/objects with different real uid"
> > > Would people mind a lot if this variable defaulted to 0?
> > Hell yes.
> 
> That's not a constructive response.
> 
> To me, the ability of unprivileged users to obtain information about
> other users' processes and sockets is
> 
>  a) unnecessary
>  b) a violation of privacy
>  c) a security risk
> 
> Unless you can provide an argument showing that this is necessary to
> the correct operation of a FreeBSD system, I'll simply ignore your
> contribution to this discussion.

You're breaking dozens of years of history and thus violating POLA.



Nate

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe cvs-all" in the body of the message