tech-kern archive


Re: extattr namespaces



On Mon, Feb 06, 2012 at 09:51:19AM +0000, Emmanuel Dreyfus wrote:
> Here is a public discussion about extended attribute namespaces, following
> a private request from yamt@
> 
> We have two extended attributes APIs in tree: one from FreeBSD and one from 
> Linux. We are about to toss the FreeBSD one in favor of the Linux one. 
> That is easy now since we never had working extended attributes in a 
> release.
> 
> Extended attributes have namespaces, which are used for access control. 
> For instance, an unprivileged user can access user namespace extattr on 
> a file he owns. system namespace extattr can only be accessed by 
> privileged users.
> 
> In the FreeBSD API, namespaces are ints. There are two namespaces defined:
> system and user. There is no way to add other namespaces, though I have
> no idea what happens if one uses an int value different than system or user.
> 
> In the Linux API, namespaces are dot-prefixed to the extended attribute 
> name. For instance: system.foo is the system-namespace foo attribute. 
> One can use any namespace, some of them having special access controls:
> trusted, system and security feature privileged access control.
> 
> If we dump the FreeBSD API, we are left with kernel internal interfaces
> with namespaces as an int. We can just ignore them and enforce the use 
> of dot-prefix namespaces. 

Note that the ffsv2 extended attribute on-disk format uses an int as
namespace (just like the API). Nothing unworkable here, but it may
be tricky if we want to be compatible with FreeBSD ...

-- 
Manuel Bouyer <bouyer%antioche.eu.org@localhost>
     NetBSD: 26 years of experience will always make the difference
--
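As an added example, not code from this thread or from NetBSD, one way to accept Linux-style dot-prefixed names at the API while keeping the int-based internal interfaces and ffsv2 on-disk format the reply mentions, with the namespace lookup doubling as the access-control gate. The `XATTR_NS_*` enum values are local stand-ins for the real `EXTATTR_NAMESPACE_*` constants, and the function names are hypothetical.

```c
/* Added example (not NetBSD code): accept Linux-style dot-prefixed
 * extattr names at the syscall boundary and map them onto the int
 * namespaces used by the kernel-internal interfaces and the ffsv2
 * on-disk format, refusing anything that is not a known namespace. */
#include <stdbool.h>
#include <string.h>

/* Stand-ins for EXTATTR_NAMESPACE_USER / EXTATTR_NAMESPACE_SYSTEM from
 * <sys/extattr.h>; defined locally so the example builds anywhere. */
enum xattr_ns { XATTR_NS_INVALID = 0, XATTR_NS_USER = 1, XATTR_NS_SYSTEM = 2 };

/* Split "system.foo" into (XATTR_NS_SYSTEM, "foo"). A missing dot, an
 * empty prefix, an empty attribute name or an unknown prefix (including
 * Linux's "trusted"/"security") yields XATTR_NS_INVALID, so no arbitrary
 * int ever reaches the namespace-keyed internals. */
enum xattr_ns xattr_parse_name(const char *full, const char **attr)
{
    const char *dot = strchr(full, '.');
    if (dot == NULL || dot == full || dot[1] == '\0')
        return XATTR_NS_INVALID;
    size_t plen = (size_t)(dot - full);
    *attr = dot + 1;
    if (plen == 4 && memcmp(full, "user", 4) == 0)
        return XATTR_NS_USER;
    if (plen == 6 && memcmp(full, "system", 6) == 0)
        return XATTR_NS_SYSTEM;
    return XATTR_NS_INVALID;
}

/* Access rule stated in the thread: the user namespace is open to the
 * file's owner (privileged callers are assumed to pass as well), the
 * system namespace only to privileged callers. */
bool xattr_access_ok(enum xattr_ns ns, bool is_owner, bool privileged)
{
    switch (ns) {
    case XATTR_NS_USER:   return is_owner || privileged;
    case XATTR_NS_SYSTEM: return privileged;
    default:              return false;   /* unknown namespace: deny */
    }
}

/* Parse and check in one step, as a setxattr-style entry point would. */
bool xattr_request_ok(const char *full, bool is_owner, bool privileged)
{
    const char *attr = NULL;
    return xattr_access_ok(xattr_parse_name(full, &attr), is_owner, privileged);
}
```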

