From owner-freebsd-arch Mon Dec 6 20:15:27 1999
Date: Mon, 6 Dec 1999 23:13:15 -0500 (EST)
From: Robert Watson
Reply-To: Robert Watson
To: Brett Glass
Cc: freebsd-arch@freebsd.org
Subject: Re: Extended File Attributes for FFS (request for design comments)
In-Reply-To: <4.2.0.58.19991206172414.03e973a0@localhost>

On Mon, 6 Dec 1999, Brett Glass wrote:

> I seem to recall that HP/UX does something very much like what you describe.
> (Actually, they get even fancier; they can cause you to open or see a
> DIFFERENT FILE depending on what architecture you're running. This trickery
> is done via environment variables.)
>
> Their file system extensions might be worth a look.

My understanding is that TRIX (Trusted IRIX) and some other trusted
operating systems play namespace games to maintain the MAC properties of
publicly writable directories (i.e., a "SECRET" vs. "TOPSECRET" tmp dir),
but that the namespace tricks are not part of the attribute functionality,
but instead a property of special symlinks (or the like), not unlike the
AFS @sys behavior. I believe there was an extensive discussion of the
costs/merits of namespace games on -CURRENT last year sometime, but that
the idea was rejected for various reasons.

It should be noted that this attribute behavior does not introduce
significant cost in the cases where it is not used--only a boolean if
check + pointer dereference, most likely. And you could even compile out
all the codepaths if desired (#ifdef UFS_EXT_ATTR).

  Robert N M Watson

robert@fledge.watson.org              http://www.watson.org/~robert/
PGP key fingerprint: AF B5 5F FF A6 4A 79 37  ED 5F 55 E9 58 04 6A B1
TIS Labs at Network Associates, Safeport Network Services