Re: Extended attributes Linux interface

To: tech-kern%netbsd.org@localhost
Subject: Re: Extended attributes Linux interface
From: Matthew Mondor <mm_lists%pulsar-zone.net@localhost>
Date: Sat, 22 Oct 2011 01:38:14 -0400

On Fri, 21 Oct 2011 00:29:12 -0400
Matthew Mondor <mm_lists%pulsar-zone.net@localhost> wrote:

> If unicode strings are possible, I think that it'd be possible for a
> string to look like "system" but to actually be something else to an
> auditing administrator, unless all tools clearly showed those non-ASCII
> bytes in an escaped format.

If the above theory is true, if we eventually supported extended
permissions such as access lists, they could possibly be implemented in
a special empty string class, with a special empty string key, and a
single structured object value specifying the permissions, rather than
relying on various keys within the "system" class.

Yet ideally for performance and security, it'd be ideal if the
interface only presented integer IDs for the class, and reserved
integer key attributes for the i.e. EXTATTR_SYSTEM class (just like our
groups are really gids).  The Linux compatibility interface, if
preserved, could be oblivious to system class attributes and only be
useful for the general purpose user attributes...  The problem here
would be that user tools using only the Linux API would not be able to
backup the full state (in this case, the extended permissions,
unfortunately)...
-- 
Matt

Follow-Ups:
- Re: Extended attributes Linux interface
  - From: Emmanuel Dreyfus

References:
- Extended attributes Linux interface
  - From: Matthew Mondor

Prev by Date: Re: Patch: rework kernel random number subsystem
Next by Date: Re: Patch: rework kernel random number subsystem
Previous by Thread: Extended attributes Linux interface
Next by Thread: Re: Extended attributes Linux interface
Indexes:

Home | Main Index | Thread Index | Old Index