Alexander Bluhm <alexander.bl...@gmx.net> wrote:

> On Tue, Apr 27, 2021 at 10:37:25AM -0600, Theo de Raadt wrote:
> > > Would 0, 0 min, max be a simple and obvious way to say "read only" ?
> >
> > That is not as terrible.
>
> Yes. But it has another undocumented side effect. I think
> sysctl_bounded_arr() inherits the minimum == maximum check from
> sysctl_int_bounded() which means unbounded. The latter is only
> used in sysctl_int().
>
> > Or maybe a define like:
> > + #define SYSCTL_BOUNDED_ARR_READONLY 0,0
> > Which can then be used in-place without confusion.
>
> I thought of that, too. Then reading the code would be easy. To
> cover all features we would need
>
> #define SYSCTL_INT_UNBOUNDED 0,0
> #define SYSCTL_INT_READONLY 1,0
>
> Both work for sysctl_bounded_arr(),
> sysctl_int_bounded(SYSCTL_INT_READONLY) could be implemented.
>
> Maybe that is too complex.

Actually, your variation seems pretty good. Is there any reason to not use this type of define?
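
Added example, not part of the thread and not OpenBSD's code: a user-space model of the min/max sentinel convention discussed above, showing why 0,0 cannot double as "read only" when minimum == maximum already means unbounded. The names model_int_bounded() and try_write(), and the EPERM return for a rejected write, are assumptions made for illustration; only the two macro definitions come from the thread.

```c
#include <errno.h>
#include <stddef.h>

/* Sentinel pairs as proposed in the thread; each expands to "min, max". */
#define SYSCTL_INT_UNBOUNDED 0,0
#define SYSCTL_INT_READONLY  1,0

/*
 * Hypothetical model of a bounded integer setter (not the kernel function).
 * newp == NULL is a pure read; otherwise *newp is the value being written.
 */
static int
model_int_bounded(int *valp, const int *newp, int minimum, int maximum)
{
	if (newp == NULL)
		return 0;		/* read request, nothing to validate */
	if (minimum > maximum)
		return EPERM;		/* read-only sentinel: reject every write */
	if (minimum != maximum && (*newp < minimum || *newp > maximum))
		return EINVAL;		/* real range and value outside it */
	*valp = *newp;			/* in range, or min == max (unbounded) */
	return 0;
}

/* Attempt one write; return the error and store the resulting value. */
static int
try_write(int start, int newval, int minimum, int maximum, int *out)
{
	int val = start;
	int error = model_int_bounded(&val, &newval, minimum, maximum);

	*out = val;
	return error;
}

int
main(void)
{
	int v;

	/* 0,0 is "unbounded": a variable meant to be read-only gets changed. */
	if (try_write(5, 99, SYSCTL_INT_UNBOUNDED, &v) != 0 || v != 99)
		return 1;
	/* 1,0 (min > max) cannot be a valid range, so it is unambiguous. */
	if (try_write(5, 99, SYSCTL_INT_READONLY, &v) != EPERM || v != 5)
		return 1;
	return 0;
}
```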