* Christoph Hellwig (hch@infradead.org) wrote:
>
> The other question is why do you name them system.security? The name
> sounds a bit too generic to me. ACLs are certainly a security feature
> and have different ATTRS, similar for the Posix capability and MAC
> support in XFS. As selinux is the flask implementation for Linux
> what about system.flask_label? (or system.selinux_label?)
It's really a namespace issue for user apps trying to deal with xattrs.
Being able to display the xattrs associated with a file in sane way,
like getxattr(path, "system.security", ...). Otherwise something like
listxattr() then gettxttr(... "system.security.[blah]" ...). Total
freeform naming is a headache for userspace to deal with. Esp. since we
don't want to teach all userland tools about each individual module/policy.
There were a couple proposals to use common root like "system.security."
(or the trusted namespace which was discussed in earlier threads).
Would you still prefer module specific naming?
thanks,
-chris
-- Linux Security Modules http://lsm.immunix.org http://lsm.bkbits.net - To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
This archive was generated by hypermail 2b29 : Wed Apr 23 2003 - 22:00:37 EST