On Thu, 28 Feb 2008, Casey Schaufler wrote:

quoted text
> Easier may be pragmatic, but that does not make it right.
> I suggest, that in my opinion (there, is that sufficiently
> non-confrontational?) that Linux and the LSM are much better
> served by a general xattr protocol than by adding a single
> reccommended attribute.

An xattr protocol is overkill for conveying a MAC label over the network, 
and would still not provide the required semantics.

Please see prior discussion on this e.g.

http://marc.info/?l=linux-kernel&m=120424789929258&w=2

Note that RAs are already used to convey ACLs and all other system-managed 
metatdata.  i.e. an extensible, appropriate infrastructure already exists 
in the NFSv4 protocol, and has been used successfully for similar 
purposes.  We do not need to add a new, generalized protocol to NFSv4 
for this, especially one which does not meet the requirements.




- James
-- 
James Morris
<jmorris@namei.org>
--
unsubscribe notice
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/