[now I'm subscribed, might as well respond to some recent stuff from the
archives...]
321.geo...@gmail.com wrote:
> In mandocdb.c it appears cmp(1) and rm(1) are executed in a child
> process. It seems that if the logic from these programs were duplicated
> the pledge in mandocdb.c could be further restricted and even not bother
> with forking.
>
> Would such a change be pointless churn however? Both cmp(1) and rm(1)
> are simple programs and are pledge'd themselves. Not to mention the
> creation of the mandoc database is in itself a short lived process.
>
> To be clear I'm not proposing a change (indeed I have no diff) but
> rather I am simply curious to the opinion of others in the OpenBSD
> community.
Okay, in that case, please forgive me if I go off on a little bit of a
tangent.
I've used UNIX for quite a while now. Not being satisfied with just
using anything, I've (not deeply) poked at the luserspace internals
quite a bit over time.
Almost each time I read the source code of any UNIX program, whether it
came w/ the system or not, I find duplicated functionality.
As I see it, this is not just inefficient, but also a huge security
issue: if the same operation is stated differently in many different
places, how can we make sure that we squash all instances of a
particular bad habit or bug?
The only real solution that I've come up w/ over time is to put the
actual logic in libraries and leave the programs to be luser interfaces
to that logic.
Perhaps something not quite so extreme is needed. I wouldn't know.
It would certainly make it easier to execute the suggestion you make in
the first paragraph of your message.
--schaafuit.
[so, the spacing issue does not appear today, but the subject lines
are fscked. grrrr!]
