Re: [RFC][PATCH] Generic fallback for security xattrs

From: Casey Schaufler (casey@schaufler-ca.com)
Date: Fri Jul 15 2005 - 08:53:24 PDT


--- Stephen Smalley <sds@private> wrote:

> This is a request for comments on the below patch
> that modifies the VFS
> setxattr, getxattr, and listxattr code to fall back
> to the security
> module for security xattrs if the filesystem does
> not support xattrs
> natively.

Wouldn't it be better to just introduce the
required changes to bring the filesystems that
don't support xattrs into the 21st century?
There can't be that many by now, and it's not
as if (as the proposed patch demonstrates)
it would be that much work. I would hope to
see the existing mechanism used as designed
rather than see a special hack put in to
accomodate a special case.

The xattr mechanism works very well, and has
a long history that predates inclusion in Linux.




Casey Schaufler
casey@schaufler-ca.com

__________________________________________________
Do You Yahoo!?
Tired of spam?  Yahoo! Mail has the best spam protection around 
http://mail.yahoo.com 



This archive was generated by hypermail 2.1.3 : Fri Jul 15 2005 - 08:54:33 PDT