[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-Id: <1204246805.7363.23.camel@heimdal.trondhjem.org>
Date: Thu, 28 Feb 2008 17:00:05 -0800
From: Trond Myklebust <trond.myklebust@....uio.no>
To: Christoph Hellwig <hch@...radead.org>
Cc: Dave Quigley <dpquigl@...ho.nsa.gov>,
Stephen Smalley <sds@...ho.nsa.gov>, casey@...aufler-ca.com,
viro@....linux.org.uk, bfields@...ldses.org,
linux-kernel@...r.kernel.org, linux-fsdevel@...r.kernel.org,
LSM List <linux-security-module@...r.kernel.org>
Subject: Re: [PATCH 01/11] Security: Add hook to get full maclabel xattr
name
On Thu, 2008-02-28 at 19:51 -0500, Christoph Hellwig wrote:
> On Thu, Feb 28, 2008 at 04:50:06PM -0800, Trond Myklebust wrote:
> > As I've told you several times before: we're _NOT_ putting private
> > ioctl^Hxattrs onto the wire. If the protocol can't be described in an
> > RFC, then it isn't going in no matter what expletive you choose to
> > use...
>
> It's as unstructured as the named attributes already in. Or file data
> for that matter.
Describing what is supposed to be a security mechanism in a structured
fashion for use in a protocol should hardly be an impossible task (and
AFAICS, Dave & co are making good progress in doing so). If it is, then
that casts serious doubt on the validity of the security model...
There should be no need for ioctls.
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists