* Christoph Hellwig (hchat_private) wrote: > > The other question is why do you name them system.security? The name > sounds a bit too generic to me. ACLs are certainly a security feature > and have different ATTRS, similar for the Posix capability and MAC > support in XFS. As selinux is the flask implementation for Linux > what about system.flask_label? (or system.selinux_label?) It's really a namespace issue for user apps trying to deal with xattrs. Being able to display the xattrs associated with a file in sane way, like getxattr(path, "system.security", ...). Otherwise something like listxattr() then gettxttr(... "system.security.[blah]" ...). Total freeform naming is a headache for userspace to deal with. Esp. since we don't want to teach all userland tools about each individual module/policy. There were a couple proposals to use common root like "system.security." (or the trusted namespace which was discussed in earlier threads). Would you still prefer module specific naming? thanks, -chris -- Linux Security Modules http://lsm.immunix.org http://lsm.bkbits.net _______________________________________________ linux-security-module mailing list linux-security-moduleat_private http://mail.wirex.com/mailman/listinfo/linux-security-module
This archive was generated by hypermail 2b30 : Wed Apr 23 2003 - 11:31:12 PDT