Shawn Walker wrote:
> Garrett D'Amore wrote:
>> Darren J Moffat wrote:
>>> I think both phases of this project are a very bad idea and I do not
>>> approve of the strategy.
>>>
>>> The Solaris security team did a similar analysis for 'pfexec' vs
>>> 'sudo' for almost identical reasons as this case. Like this case we
>>> planed to initially ship a symlink pfexec -> sudo and later enhance
>>> pfexec with the functionality that sudo had. In the end we choose
>>> not to do that because it as more engineering effort, it would never
>>> be perfect and there really was no harm in having the real sudo
>>> installed on the system. So that strategy was abandoned and now
>>> Solaris/OpenSolaris has the real sudo.
>>>
>>> I strongly suggest that this case be withdrawn and a new case be
>>> filed to just ship top.
>>>
>>> This is is also misnamed there are no prstat enhancements in this
>>> case just a confusing symlink from prstat -> top.
>>>
>>> I'm think that prstat could do with some enhancements but this case
>>> didn't actually provide any.
>>
>> As for me, I'd agree with phase 2, if phase 2 provides near-enough
>> approximation of functionality that users are unlikely to notice the
>> difference. But phase 1 seems more and more like a terrible idea.
>
> Phase 1 solves the problem of "I type top and nothing happens."
>
> In my view, having something is better than nothing if that something
> doesn't look like "top" yet. As the case materials pointed out, top
> varies from distribution to distribution.
See my earlier description of usage involving exec, where the surprise
lack of functionality in top could be viewed as harmful.
The other issue is different command line arguments.
Perhaps the easiest thing for phase 1 is to just ship unaltered "top" as
folks have suggested. Phase 2 could examine whether to enhance top with
Solaris features, or to enhance prstat and replace the top. (Either
approach seems equally valid to me.)
-- Garrett
