Re: [PATCH 01/11] Security: Add hook to get full maclabel xattrname
From: Trond Myklebust
Date: Fri Feb 29 2008 - 00:02:14 EST
On Thu, 2008-02-28 at 17:26 -0800, Casey Schaufler wrote:
> --- Trond Myklebust <trond.myklebust@xxxxxxxxxx> wrote:
>
> >
> > On Thu, 2008-02-28 at 19:39 -0500, Christoph Hellwig wrote:
> > > On Thu, Feb 28, 2008 at 07:04:57PM -0500, Dave Quigley wrote:
> > > > There are several things here. I've spoken to several people about this
> > > > and the belief I've gotten from most of them is that a recommended
> > > > attribute is how this is to be transported. The NFSv4 spec people will
> > > > probably say that if you want xattr like functionality for NFSv4 use
> > > > named attributes. For us this is not an option since we require
> > > > semantics to label on create/open and the only way we can do this is by
> > > > adding a recommended attribute. The create/open calls in NFSv4 takes a
> > > > list of attributes to use on create as part of the request. I really
> > > > don't see a difference between the security blob and the
> > > > username/groupname that NFSv4 currently uses. Also there is a good
> > > > chance that we will need to translate labels at some point (read future
> > > > work).
> > >
> > > Then use the existing side-band protocol and ignore the NFSv4 spec
> > > group. They're <skip colourful language here> anyway.
> >
> > As I've told you several times before: we're _NOT_ putting private
> > ioctl^Hxattrs onto the wire. If the protocol can't be described in an
> > RFC, then it isn't going in no matter what expletive you choose to
> > use...
>
> With the SGI supplied reference implementation it ought to be a
> small matter of work to write an RFC. If the information weren't
> SGI proprietary I could even tell you how long it ought to take
> a junior engineer in Melbourne to write. The fact that there is
> currently no RFC does not mean that there cannot be a RFC, only
> that no one has written (or published) one yet.
NO! It is not a "small matter of work".
The fact is that private crap like the 'security' and 'system' namespace
makes describing 'xattr' as a protocol a non-starter and an
interoperability nightmare. If you can't do better than xattr for a
security protocol, then it is time to go look for another job...
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/