Re: [RFC][PATCH] Generic fallback for security xattrs

From: Chris Wright (chrisw@private)
Date: Mon Jul 25 2005 - 21:46:56 PDT

Previous message: Casey Schaufler: "Re: [RFC][PATCH] Generic fallback for security xattrs"
In reply to: Casey Schaufler: "Re: [RFC][PATCH] Generic fallback for security xattrs"
Next in thread: Casey Schaufler: "Re: [RFC][PATCH] Generic fallback for security xattrs"
Next in thread: Stephen Smalley: "Re: [RFC][PATCH] Generic fallback for security xattrs"
Reply: Casey Schaufler: "Re: [RFC][PATCH] Generic fallback for security xattrs"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

* Casey Schaufler (casey@schaufler-ca.com) wrote:
> --- Chris Wright <chrisw@private> wrote:
> > Separate namespace, so appropriate for each.
> 
> So the file system specific code for a file
> system could, if such a hook existed, call
> xattr = security_supply_xattr("security.BandL", inode)
> 
> This would seem no less intrusive than a
> defaulting scheme to me, and might be acceptable
> "upstream".

That's exactly what is done.  The patch is only moving the logic into
a central location for those that don't have the various xattr ops
filed out.  Those that do have them check for "security." prefix and
start talking to the module until it comes to reading/writing data to disk.

thanks,
-chris

Previous message: Casey Schaufler: "Re: [RFC][PATCH] Generic fallback for security xattrs"
In reply to: Casey Schaufler: "Re: [RFC][PATCH] Generic fallback for security xattrs"
Next in thread: Casey Schaufler: "Re: [RFC][PATCH] Generic fallback for security xattrs"
Next in thread: Stephen Smalley: "Re: [RFC][PATCH] Generic fallback for security xattrs"
Reply: Casey Schaufler: "Re: [RFC][PATCH] Generic fallback for security xattrs"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.3 : Mon Jul 25 2005 - 21:55:30 PDT