[RFC] Making talloc_reference() safer.
Stephen Gallagher
sgallagh at redhat.com
Wed Oct 26 06:38:20 MDT 2011
On Wed, 2011-10-26 at 07:26 +1100, ronnie sahlberg wrote:
> I personally think that the "hierarcy" vs "multi-parent" has to be
> made at creation time and creation time only.
>
>
> A bigger picture is that TALLOC is a hugely useful library which
> should be encouraged to be used also externally in non-samba projects
> as well.
For the record, talloc is used heavily in the System Security Services
Daemon and Certmonger projects as well. Both of these are becoming vital
pieces of the auth/authz puzzle on multiple Linux distributions.
To date, we've followed a strict policy of single-parentage (even going
so far as to wrap some cases in our own refcounts).
The SSSD has a plugin-based architecture, and I certainly wouldn't want
for a third-party authentication module to be able to add parentage to
any of my variables without my knowing about it. I agree wholeheartedly
that such decisions should be made at object instantiation and remain
immutable.
> So API is really important. It is even more important that just "what
> API change is needed to solve a problem in samba", it is "what API
> makes sense to the average OSS developer working on his/her pet
> project".
I'd love to see a world in which talloc_reference() is safe to use.
However, as I said above, I want to be able to decide whether or not a
particular variable is allowed to have multiple-parentage. The use of
talloc_reference() should always be a conscious decision.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 198 bytes
Desc: This is a digitally signed message part
URL: <http://lists.samba.org/pipermail/samba-technical/attachments/20111026/12fad942/attachment.pgp>
More information about the samba-technical
mailing list