James Carlson wrote:
>Darren Reed writes:
>
>>>Honestly, if I were a third party driver writer, I would likely not
>>>use least privilege. The main problem is that the interfaces are not
>>>present on S9 and older systems, and thus represent a complication
>>>with little benefit to me or my custo
Darren Reed writes:
> >The underlying point is that LP provides a robust mechanism for
> >implementing those sorts of features. It does _not_ mean that
> >everything in the system has actually been reduced to the least
> >privilege necessary.
> >
> >That's a lengthy process, and if you want to con
James Carlson wrote:
>Darren Reed writes:
>
> ...
>
>>how would you, as a developer writing a network driver, know
>>that you should make use of various privileges in your code?
>>
>
>Honestly, if I were a third party driver writer, I would likely not
>use least privilege. The main problem is tha
James Carlson wrote:
>Darren J Moffat writes:
>
>>I think the relevant functions in libdlpi should in their man page
>>document what privilege they need and they should cross reference to
>>privileges(5). It isn't the library as a whole but the individual
>>functions.
>>
>
>The problem is that
Darren Reed writes:
> >Honestly, if I were a third party driver writer, I would likely not
> >use least privilege. The main problem is that the interfaces are not
> >present on S9 and older systems, and thus represent a complication
> >with little benefit to me or my customers.
> >
>
> Oh :(
> I'
Darren Reed writes:
> >... or something like that. And the result is chaos for application
> >writers. If the application depends on resources that may have
> >varying requirements (e.g., both legacy and "new" drivers), there's
> >really no good way to document what privileges that application mi
Darren J Moffat writes:
> I think the relevant functions in libdlpi should in their man page
> document what privilege they need and they should cross reference to
> privileges(5). It isn't the library as a whole but the individual
> functions.
The problem is that it's not the library itself t
Have a look at man pages like chown(2), we already do document what
privilege is necessary.
Some of the man pages have similar man pages (but not chown(2) I notice)
do have privileges(5) as a see also. The fact that chown(2) does not is
IMO a bug in that man page.
I think the relevant functio
Preface: I was siting down about to send this off to the PSARC
alias, in response to the libdlpi one page, when I thought that
this discussion is perhaps better served by being elsewhere as
it really isn't to do with that case, directly, at all, unless
someone thinks it should be brought up in PSAR
