> Well, I certainly am not in favor of trying to hack capabilities to work
> in a heterogenous environment. I see no reason why nfs can't be hacked so
> that two Linux machines can use capabilities over nfs. As far as IRIX,
> Linux 2.0 nfs servers, ... I just don't see this as an absolute necessity,
> especially when it adds what I consider unneeded bloat and complexity to
> our implementation.
>
> Of course, at least one gentleman from SGI has been very helpful in this
> thread;
Thanks, I think....
> perhaps IRIX will get patched for this. ;-)
Well, I didn't really want to mention it, but we do have an
extension to NFS3 which propogates arbitrary extended attributes
which we use for ACLs, Capabilities, and MAC labels in Trusted Irix.
So we don't have to patch *Irix* for a heterogenous environment.
--Casey Schaufler voice: (650) 933-1634 casey@sgi.com fax: (650) 933-0170
- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.rutgers.edu Please read the FAQ at http://www.tux.org/lkml/