On Friday, 7 June 2013 at 05:59:24 UTC, Lars T. Kyllingstad wrote:
On Thursday, 6 June 2013 at 17:32:25 UTC, nazriel wrote:
I am aware that std.process is generalized but I doubt such
useful functionality which is usable on various Posixen is
more disturbing than Windows-only suprpressConsole
https://github.com/D-Programming-Language/phobos/blob/master/std/process.d#L954
I think there is a huge difference between a simple flag and the
ability to execute arbitrary code on one OS but not on another.
(When set, suppressConsole actually *eliminates* a difference in
the default behaviour of the two OS families.)
Depends on the point of view.
In my opinion both suppressConsole and posixCallack defines
process details after process space is created.
The only difference is that suppressConsole is an exceptional
switch to define behavior on exactly one platform (Windows) while
posixCallback allows defying behavior on multiple POSIX
compatible systems.
But I was mistaken. Config is an enum not struct, so yeah, not
worth changing it only for sake of posix callback.
So maybe module level variable?
module std.process;
// ...
void delegate() posixPostFork = null;
// ...
Global state? Don't want to go there...
Just proposition. I don't know what way you and Steven prefer.
I would *really* love to see this implemented. It is really
basic stuff for posixen.
It needs a good API and community support. I don't think we
should introduce new functionality, that looks like it was
bolted
on, because one person said they really needed it.
I understand. I just didn't except that this will be so
controversial.
I thought that chopping off a lot of potential functionality on
POSIX was just oversight, given that Windows has its own specific
flag.
If such functionality isn't needed and I am the only one whining
about it, let's just forget about whole topic.
I can live with my own more specialized implementation, I just
thought it may be useful for others.
Is it possible to abstract the things you would like to do in
such a callback? You mention privilege lowering as a use case.
My use cases are privilege lowering and setting up process limits
(on per process basics).
But my point was that post-fork callback opens the window of
additional process tuning and other possibilities, like dumping
memory map or whatever user may want to do.
Can we make an API that does this, and which modifies the
process' security context in Windows in an equivalent/similar
way, for instance?
I think we can, but then it closes various opportunities on POSIX.
I'm not that much experienced with Windows to be honest, but I
think it is possible to switch user, but not possible to set per
process limits (at least not possible on non-Server versions of
Windows).
Again, I am not forcing anything on you or Steven.
I am asking you for opinion on something I find useful because
you are the experts and I really like your work on new std.process
Best regards,
Damian Ziemba
