lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:	Mon, 11 May 2009 11:51:22 -0700
From:	Andrew Morton <akpm@...ux-foundation.org>
To:	Ingo Molnar <mingo@...e.hu>
Cc:	chrisw@...s-sol.org, oleg@...hat.com, roland@...hat.com,
	linux-kernel@...r.kernel.org, viro@...IV.linux.org.uk
Subject: Re: [patch 1/2] ptrace, security: rename ptrace_may_access =>
 ptrace_access_check

On Mon, 11 May 2009 15:39:49 +0200
Ingo Molnar <mingo@...e.hu> wrote:

> 
> * Andrew Morton <akpm@...ux-foundation.org> wrote:
> 
> > On Thu, 7 May 2009 11:49:47 +0200
> > Ingo Molnar <mingo@...e.hu> wrote:
> > 
> > > The ptrace_may_access() methods are named confusingly - some 
> > > variants return a bool, while the security subsystem methods have a 
> > > retval convention.
> > > 
> > > Rename it to ptrace_access_check, to reduce the confusion factor. A 
> > > followup patch eliminates the bool usage.
> > 
> > s/may_access/access_check/ is a poor change.  The new name conveys 
> > less information than the old one.
> > 
> > It's quite clear what the return value from "may_access" means.  
> 
> it isnt clear at all. In fact there's two variants: one that returns 
> 'int' and one that returns 'bool' - the two have inverted values.

Oh.  I was assuming this was a yesno-returning function.

> > It's less clear what the return value from a function called 
> > "access_check" means.
> >
> > Switching to something like ptrace_task_accessible() or 
> > ptrace_may_access_task() would be better.
> > 
> > This happens quite often.  The string "check" in the name of a 
> > predicate function is a red flag.
> 
> I disagree. To repeat the argument i made in this thread, the 'may' 
> suggests/attracts a logical value, i.e. yes or no, or boolean. But 
> that goes against the desire of actual call sites wanting a Linux 
> retval.
> 
> I.e. any function name that can be plain-English answered with: 
> 'yes' or 'no' is a red flag for a retval function.
> 
> You cannot answer ptrace_access_check() with 'yes' or 'no'. You 
> could if it was ptrace_access_ok() or ptrace_may_access.
> 

So what _are_ the semantics of the ptrace_may_access() return value?

<checks the code comments>

<stomps off in a huff>
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ