Date: Wed, 23 May 2001 09:31:00 +0300 From: Peter Pentchev <roam@orbitel.bg> To: Dima Dorfman <dima@unixfreak.org> Cc: Thomas Moestl <tmm@unixfreak.org>, audit@freebsd.org Subject: Re: Patch to remove setgid bit from ipcs(1) Message-ID: <20010523093100.B12889@ringworld.oblivion.bg> In-Reply-To: <20010523032924.3878C3E7D@bazooka.unixfreak.org>; from dima@unixfreak.org on Tue, May 22, 2001 at 08:29:24PM -0700 References: <20010523011938.A8824@crow.dom2ip.de> <20010523032924.3878C3E7D@bazooka.unixfreak.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On Tue, May 22, 2001 at 08:29:24PM -0700, Dima Dorfman wrote: > > > > > Index: sys/kern/sysv_sem.c > > > =================================================================== > > > RCS file: /stl/src/FreeBSD/src/sys/kern/sysv_sem.c,v > > > retrieving revision 1.32 > > > diff -u -r1.32 sysv_sem.c > > > --- sys/kern/sysv_sem.c 2001/02/21 06:39:54 1.32 > > > +++ sys/kern/sysv_sem.c 2001/05/20 22:54:55 > > > @@ -28,6 +28,7 @@ > > > static int sysvsem_modload __P((struct module *, int, void *)); > > > static int semunload __P((void)); > > > static void semexit_myhook __P((struct proc *p)); > > > +static int sysctl_sema __P((SYSCTL_HANDLER_ARGS)); > > > > > > #ifndef _SYS_SYSPROTO_H_ > > > struct __semctl_args; > > > @@ -148,6 +149,9 @@ > > > SYSCTL_INT(_kern_ipc, OID_AUTO, semusz, CTLFLAG_RD, &seminfo.semusz, 0, "" > > ); > > > SYSCTL_INT(_kern_ipc, OID_AUTO, semvmx, CTLFLAG_RW, &seminfo.semvmx, 0, "" > > ); > > > SYSCTL_INT(_kern_ipc, OID_AUTO, semaem, CTLFLAG_RW, &seminfo.semaem, 0, "" > > ); > > > +SYSCTL_STRUCT(_kern_ipc, OID_AUTO, seminfo, CTLFLAG_RD, &seminfo, seminfo, > > ""); > > > > Hmm, it seems to me that we export all members of this structure, so > > why export it again as a whole? While it might be better to pack things > > into a structure (which may however introduce problems when the > > structure changes), I'm not sure whether should really export this > > more than once just because of that. > > This also seems to apply to shared memory part. > > It's a compromise between exorting the entire structure or > complicating the userland part to do sysctl on all the different > fields and construct the structure itself. This was the simpler > approach, which is why I chose it. Do you think it's worth > complicating the kget() routine instead? Wouldn't exporting the whole structure lead to one more of those userland dependencies on the kernel? Not that I expect the shm kernel structs to change way too often, but still, exporting a whole structure does require that the userland program know the exact structure layout. Have you looked at another way - an opaque sysctl with contents generated on-the-fly by a reader function? This sysctl would contain all the userland-needed data, and only that data, and its format would not change when the kernel structure layout is changed. It could even have some kind of version/size tag at the start - or maybe that would be overkill.. Just random thoughts.. :) G'luck, Peter -- because I didn't think of a good beginning of it. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-audit" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20010523093100.B12889>