Date: Mon, 6 Dec 1999 23:13:15 -0500 (EST) From: Robert Watson <robert@cyrus.watson.org> To: Brett Glass <brett@lariat.org> Cc: freebsd-arch@freebsd.org Subject: Re: Extended File Attributes for FFS (request for design comments) Message-ID: <Pine.BSF.3.96.991206230922.14113A-100000@fledge.watson.org> In-Reply-To: <4.2.0.58.19991206172414.03e973a0@localhost>
next in thread | previous in thread | raw e-mail | index | archive | help
On Mon, 6 Dec 1999, Brett Glass wrote: > I seem to recall that HP/UX does something very much like what you describe. > (Actually, they get even fancier; they can cause you to open or see a > DIFFERENT FILE depending on what architecture you're running. This trickery > is done via environment variables.) > > Their file system extensions might be worth a look. My understanding is that TRIX (Trusted IRIX) and some other trusted operating systems play namespace games to maintain the MAC properties of publically writable directories (i.e., a "SECRET" vs. "TOPSECRET" tmp dir), but that the namespace tricks are not part of the attribute functionality, but instead a property of special symlinks (or the like), not unlike the AFS @sys behavior. I believe there was an extensive discussion of the costs/merits of namespace games on -CURRENT last year sometime, but that the idea was rejected for various reasons. It should be noted that this attribute behavior does not introduce significant cost in the cases where it is not used--only a boolean if check + pointer dereference, most likely. And you could even compile out all the codepaths if desired (#ifdef UFS_EXT_ATTR). Robert N M Watson robert@fledge.watson.org http://www.watson.org/~robert/ PGP key fingerprint: AF B5 5F FF A6 4A 79 37 ED 5F 55 E9 58 04 6A B1 TIS Labs at Network Associates, Safeport Network Services To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-arch" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.3.96.991206230922.14113A-100000>