[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <200003.6173.qm@web36607.mail.mud.yahoo.com>
Date: Fri, 29 Feb 2008 09:26:25 -0800 (PST)
From: Casey Schaufler <casey@...aufler-ca.com>
To: Trond Myklebust <trond.myklebust@....uio.no>,
casey@...aufler-ca.com
Cc: Christoph Hellwig <hch@...radead.org>,
Dave Quigley <dpquigl@...ho.nsa.gov>,
Stephen Smalley <sds@...ho.nsa.gov>, viro@....linux.org.uk,
bfields@...ldses.org, linux-kernel@...r.kernel.org,
linux-fsdevel@...r.kernel.org,
LSM List <linux-security-module@...r.kernel.org>
Subject: Re: [PATCH 01/11] Security: Add hook to get full maclabel xattr name
--- Trond Myklebust <trond.myklebust@....uio.no> wrote:
>
> ...
> > With the SGI supplied reference implementation it ought to be a
> > small matter of work to write an RFC. If the information weren't
> > SGI proprietary I could even tell you how long it ought to take
> > a junior engineer in Melbourne to write. The fact that there is
> > currently no RFC does not mean that there cannot be a RFC, only
> > that no one has written (or published) one yet.
>
> NO! It is not a "small matter of work".
Ah, well, I don't understand why, but that's probably just
me being ignorant. It happens from time to time.
> The fact is that private crap like the 'security' and 'system' namespace
> makes describing 'xattr' as a protocol a non-starter and an
> interoperability nightmare.
Ok, I can buy that it doesn't fit in with the current protocol
mindset, and that I for one have not demonstrated that it can
be. I remember how upset the IETF got over the original CIPSO
proposal not specifying which label tag value coresponded to
"Top Secret".
> If you can't do better than xattr for a
> security protocol, then it is time to go look for another job...
But ... I don't have a job. You're being mean. (smiley)
I think that we have a conflict between what works well for
a filesystem (xattrs are really helpful) and what works well
for a network protocol (undefined blobs of goo are atrocious)
in the case of a network file system. From either standpoint
the other is completely unworkable.
It may be the case that for NFS the proposed scheme (delta
LSM naming propriety, which is getting addressed) is the
best we can do. NFS is an old protocol (older than some of
the people reading this) and should be excused some shortcomings.
Thank you.
Casey Schaufler
casey@...aufler-ca.com
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists