tech-kern archive
Re: factoring out the change_root() and making exporting change_{root,dir}() as interface
On Wed, Jul 29, 2009 at 08:00:11PM +0300, Elad Efrat wrote:
> Christoph Badura wrote:
> >I don't think my change exposes the internals. In fact, it makes it
> >possible to add another caller without that caller knowing the
> >internals!
>
> It makes it possible to add another caller that does not necessarily
> authorize the operation before performing it...
As I explained to you in the part that you left unquoted in the message you
are replying to, adding code to the same effect that does not authorize
the operation was trivially possible before. (And remains trivially possible
afterwards.) So clearly that isn't a property of the interface. And your
objections can't be considered as relevant to the interface.
> we should consider
> ditching the FCHROOT request and see about moving the CHROOT
> authorization to a common location.
You're welcome to do that any time you like. I don't care about that part
of the interface. My code just uses that part of the interface.
> Otherwise, I'd like to see what use you are going to make of the
> function before you export it, along with documentation changes that
> make it clear that authorization is up to the caller.
Sure, I'll update the documentation of the function to mention that.
I've given you examples of what I'll be doing with it multiple times.
--chris