Re: extattr namespaces

[Manuel Bouyer <bouyer%antioche.eu.org@localhost>]

On Mon, Feb 06, 2012 at 05:00:05PM +0000, Emmanuel Dreyfus wrote:
> On Mon, Feb 06, 2012 at 05:53:09PM +0100, Manuel Bouyer wrote:
> > But if you want to have system.foo distinct from security.foo, you have
> > to duplicate the namespace in the name itself, right ?
> 
> Yes, but if we want to tend forward the Linux API, this is the way 
> to go. You cannot add abitrary user namespaces otherwise.
> 
> > that's not a big problem; just that we won't be able to read freebsd
> > extended attributes.
> 
> You wil be able to read them, but trouble will start when you will want to
> modify them with an API that enforces the dot-prefixed namespace. And you
> cannot strip it since you wil lnot be able to distinguish trusted.foo 
> and system.foo afterwards if you do that.

I'm not sure you can even read them: on freebsd "user.foo.bar" will be stored
as name "foo.bar" in (integer) namespace user. When we'll read it we'll
find foo in (integer) namespace user but we don't know which namespace
it really belongs to (as we store the namespace with the name);
and for us this will be name "bar" in namespace foo.

-- 
Manuel Bouyer <bouyer%antioche.eu.org@localhost>
     NetBSD: 26 ans d'experience feront toujours la difference
--