/* Open a policy file by NAME. The description WHAT and query Q are used for
* formatting error messages for the log.
+ *
+ * This function is somewhat careful only to read from actual regular files,
+ * though (if the filesystem object identified by NAME is a symlink, say) it
+ * might open a device node or other exotic thing without reading it. This
+ * is likely harmless, since we're running as an unprivileged user anyway.
*/
extern int open_policy_file(struct policy_file */*pf*/, const char */*name*/,
const char */*what*/, const struct query */*q*/,