From: "Theo de Raadt" Subject: Re: openat(2) is mostly useless, sadly To: "H. Hartzer" , tech@openbsd.org Date: Fri, 30 May 2025 14:32:42 -0600 Steffen Nurpmeso wrote: > H. Hartzer wrote in > : > |Theo de Raadt wrote: > |> instead of requiring a programmer to put a flag on every system call \ > |> acting > |> upon the object. Two operational flags are added, O_BELOW and F_BELOW. > ... > |I wanted to point out that the language can be confusing of "above", > |"below", etc. Now it may be that this is named as appropriately as it > |can be, but while I was reading my instinct was that "below" meant a > |child directory, rather than a parent. I think there may be some > |confusion over the semantics. > | > |O_BELOW also sounds somewhat like it allows below, but not only below. > |Maybe O_ONLYBELOW? Another possibility might be something like O_CHROOT, > |which is a familiar and similar term, though might add other confusion. > | > |I think that ascend/descend might be somewhat more intuitive terms. > |Perhaps O_DESCEND, or O_ONLYDESCEND. > > How about "beneath" as Linux landlock uses? How about I use some other flag which already exists, and has different semantics. Like how about O_EXCL?? /sarc You see, O_BENEATH already exists elsewhere, and is not compatible. https://reviews.freebsd.org/D2808 We are at the stage where people want to change the names of things, but I don't know of one person who has compiled a kernel with the diffs.