Re: [PATCH] Extended Attributes for Security Modules against 2.5.68

Christoph Hellwig (hch@infradead.org)
Wed, 23 Apr 2003 19:17:49 +0100


On Wed, Apr 23, 2003 at 01:52:03PM -0400, Stephen Smalley wrote:
> This patch against 2.5.68 implements changes to the LSM xattr-related
> hooks and adds xattr handlers for ext[23] to support the use of extended
> attributes by security modules for storing file security labels, as
> described in my April 8th RFC posting. Please apply, or let me know if
> any changes are needed. Thanks.

First, please put the changes in the LSM API in a different patch from
the xattr changes, they're a different issue.

The other question is why do you name them system.security? The name
sounds a bit too generic to me. ACLs are certainly a security feature
and have different ATTRS, similar for the Posix capability and MAC
support in XFS. As selinux is the flask implementation for Linux
what about system.flask_label? (or system.selinux_label?)

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/