std.process - POSIX specific callback

Fri Jun 7 00:57:06 PDT 2013

On Friday, 7 June 2013 at 05:59:24 UTC, Lars T. Kyllingstad wrote:
> On Thursday, 6 June 2013 at 17:32:25 UTC, nazriel wrote:
>> I am aware that std.process is generalized but I doubt such 
>> useful functionality which is usable on various Posixen is 
>> more disturbing than Windows-only suprpressConsole 
>> https://github.com/D-Programming-Language/phobos/blob/master/std/process.d#L954
>
> I think there is a huge difference between a simple flag and the
> ability to execute arbitrary code on one OS but not on another.
> (When set, suppressConsole actually *eliminates* a difference in
> the default behaviour of the two OS families.)
>

Depends on the point of view.
In my opinion both suppressConsole and posixCallack defines 
process details after process space is created.
The only difference is that suppressConsole is an exceptional 
switch to define behavior on exactly one platform (Windows) while 
posixCallback allows defying behavior on multiple POSIX 
compatible systems.

>> But I was mistaken. Config is an enum not struct, so yeah, not 
>> worth changing it only for sake of posix callback.
>>
>> So maybe module level variable?
>>
>> module std.process;
>>
>> // ...
>> void delegate() posixPostFork = null;
>> // ...
>
> Global state?  Don't want to go there...
>
Just proposition. I don't know what way you and Steven prefer.

>
>> I would *really* love to see this implemented. It is really 
>> basic stuff for posixen.
>
> It needs a good API and community support.  I don't think we
> should introduce new functionality, that looks like it was 
> bolted
> on, because one person said they really needed it.

I understand. I just didn't except that this will be so 
controversial.
I thought that chopping off a lot of potential functionality on 
POSIX was just oversight, given that Windows has its own specific 
flag.

If such functionality isn't needed and I am the only one whining 
about it, let's just forget about whole topic.
I can live with my own more specialized implementation, I just 
thought it may be useful for others.

>
> Is it possible to abstract the things you would like to do in
> such a callback?  You mention privilege lowering as a use case.

My use cases are privilege lowering and setting up process limits 
(on per process basics).
But my point was that post-fork callback opens the window of 
additional process tuning and other possibilities, like dumping 
memory map or whatever user may want to do.

> Can we make an API that does this, and which modifies the
> process' security context in Windows in an equivalent/similar
> way, for instance?

I think we can, but then it closes various opportunities on POSIX.
I'm not that much experienced with Windows to be honest, but I 
think it is possible to switch user, but not possible to set per 
process limits (at least not possible on non-Server versions of 
Windows).

Again, I am not forcing anything on you or Steven.
I am asking you for opinion on something I find useful because 
you are the experts and I really like your work on new std.process

Best regards,
Damian Ziemba