Re: [PATCH] Extended Attributes for Security Modules against 2.5.68

Christoph Hellwig (hch@infradead.org)
Wed, 23 Apr 2003 19:17:49 +0100

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: Bartlomiej Zolnierkiewicz: "[PATCH] 2.5.67-ac2 direct-IO for IDE taskfile ioctl (0/4) [resend]"
Previous message: Jan Harkes: "Re: Qn: Queer "Unable to handle kernel NULL pointer dereference at ..." error in kernel"
In reply to: Stephen Smalley: "[PATCH] Extended Attributes for Security Modules against 2.5.68"

On Wed, Apr 23, 2003 at 01:52:03PM -0400, Stephen Smalley wrote:
> This patch against 2.5.68 implements changes to the LSM xattr-related
> hooks and adds xattr handlers for ext[23] to support the use of extended
> attributes by security modules for storing file security labels, as
> described in my April 8th RFC posting. Please apply, or let me know if
> any changes are needed. Thanks.

First, please put the changes in the LSM API in a different patch from
the xattr changes, they're a different issue.

The other question is why do you name them system.security? The name
sounds a bit too generic to me. ACLs are certainly a security feature
and have different ATTRS, similar for the Posix capability and MAC
support in XFS. As selinux is the flask implementation for Linux
what about system.flask_label? (or system.selinux_label?)

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Bartlomiej Zolnierkiewicz: "[PATCH] 2.5.67-ac2 direct-IO for IDE taskfile ioctl (0/4) [resend]"
Previous message: Jan Harkes: "Re: Qn: Queer "Unable to handle kernel NULL pointer dereference at ..." error in kernel"
In reply to: Stephen Smalley: "[PATCH] Extended Attributes for Security Modules against 2.5.68"