Re: non C based environments can have problems
Posted Jan 24, 2007 21:13 UTC (Wed) by dododge
In reply to: Re: non C based environments can have problems
Parent article: LCA: How to improve Debian security
I think having a global errno is such a dumb idea. Why can't system and library calls directly return an error code?
Within the kernel, these sorts of functions typically do return
error codes directly. But the userspace API is so ingrained that
changing existing functions would break too much. As mentioned, even
just changing errno from being a global
int to a macro that produces
int (so that e.g. it can produce a different errno object for each thread)
was enough to break some applications.
New APIs can of course use more sensible error reporting than errno
if they want to. It could also be worse, though; for example the
glibc obstack API by default aborts the program instead of returning an error, and while you can change that behavior you
still have to rely on a global callback that at
best uses something like setjmp/longjmp while running
the risk of some library code changing the callback to something else.
to post comments)