On Mar 8, 2006, at 1:55 AM, YAMAMOTO Takashi wrote:

>>> - how about providing suser() as a wrapper of  
>>> KAUTH_GENERIC_ISSUSER? (for now?)
>>
>> There are no more calls to suser() in this branch, why add them  
>> again?
>
> because it's used often enough and easier to read?

Darwin also provides an suser(), but it carries caveats:

1- It is not implemented as a wrapper around KAUTH_GENERIC_ISSUSER

2- It is marked as "going away".

Also note that the Darwin KAUTH_GENERIC_ISSUSER does NOT take the  
accounting flags argument, and thus does not set ASU.  I think we  
should try to stick to the Darwin KPI as much as possible, so I think  
we should also skip the accounting flags argument for  
KAUTH_GENERIC_ISSUSER.  If we still want to set ASU, then we need to  
find another way to do it.

> i think it's better to make it static and
> move process_authorize to kern_auth.c.
>
> also, for the same reason, function names in the TN
> (kauth_authorize_process/kauth_authorize_generic) are better
> than what you chose, IMO.

Yes, I think we should keep as close to Darwin's KPI as possible, in  
this regard.

(Note, they did something different for the vnode scope [which we  
don't have yet], naming it vnode_authorize(), sigh...)

-- thorpej