Page MenuHomeFreeBSD

cr_canseeothergids(9): Revamp, mark as internal
ClosedPublic

Authored by olce on Jun 20 2023, 1:44 PM.
Tags
None
Referenced Files
Unknown Object (File)
Wed, Nov 27, 6:23 PM
Unknown Object (File)
Sat, Nov 23, 12:37 PM
Unknown Object (File)
Tue, Nov 19, 9:23 PM
Unknown Object (File)
Sun, Nov 17, 10:30 AM
Unknown Object (File)
Thu, Nov 14, 12:04 AM
Unknown Object (File)
Oct 29 2024, 5:26 PM
Unknown Object (File)
Oct 28 2024, 4:29 PM
Unknown Object (File)
Oct 22 2024, 10:13 AM

Diff Detail

Repository
rG FreeBSD src repository
Lint
Lint Not Applicable
Unit
Tests Not Applicable

Event Timeline

olce requested review of this revision.Jun 20 2023, 1:44 PM

Change the one-line description. New sentences on new lines.

olce edited the summary of this revision. (Show Details)

Rename cr_bsd_visibility() to cr_bsd_visible().

olce retitled this revision from cr_seeothergids(9): Revamp, mark as internal to cr_canseeothergids(9): Revamp, mark as internal.
olce edited the summary of this revision. (Show Details)

'cr_see*' => 'cr_cansee*' (suppressed a rename in the stack).

Fix inverted description of when the policy is enabled.

It is unusual to have a man page for a static function; I cannot think of any other example. Given the history of this page and its siblings, I think it is fine to keep it, but an argument could be made to only keep cr_bsd_visible(9).

share/man/man9/cr_canseeothergids.9
51

Only a suggestion.

52
71–77

I see the inaccuracy of the previous description, but what you have written is not a complete sentence. Even though it is a sensible short-hand, the prevailing style for this section is to be explicit.

My suggestion:

The
.Fn cr_canseeothergids
function returns 0 if the policy is disabled, the credentials share at least one common group, or if
.Fa u1
has privilege exempting it from the policy.
Otherwise, it returns
.Er ESRCH .
olce retitled this revision from cr_canseeothergids(9): Revamp, mark as internal to cr_canseeothergids(9): Revamp, mark as internal Significantly clarify. Replace references to cr_canseeotheruids(9) by ones to cr_bsd_visible(9)..

Address (most) @mhorne's comments.

Updating D40633: cr_canseeothergids(9): Revamp, mark as internal

Significantly clarify. Replace references to cr_canseeotheruids(9) by ones to
cr_bsd_visible(9).

olce marked 3 inline comments as done.Aug 10 2023, 3:31 PM

It is unusual to have a man page for a static function; I cannot think of any other example. Given the history of this page and its siblings, I think it is fine to keep it, but an argument could be made to only keep cr_bsd_visible(9).

I understand, but given that these man pages have been around for 20+ years, maybe keeping them for now is the less disruptive path. We could remove them in a few releases.

share/man/man9/cr_canseeothergids.9
51

I'd prefer to leave that out, for several reasons. First, static is a C implementation detail, rather than the intent itself. Second, it works only for functions defined and used in the same translation unit, so applies almost always to functions defined and used in a single one. If that state changes, we would need to change the manpage as well. Granted, that's not a big one, but given the frequency with which this page has been updated in the past...

olce retitled this revision from cr_canseeothergids(9): Revamp, mark as internal Significantly clarify. Replace references to cr_canseeotheruids(9) by ones to cr_bsd_visible(9). to cr_canseeothergids(9): Revamp, mark as internal.Aug 10 2023, 3:33 PM
This revision is now accepted and ready to land.Sep 27 2023, 3:30 PM
This revision was automatically updated to reflect the committed changes.