Skip site navigation (1)Skip section navigation (2)
Date:      Fri, 16 May 2003 04:15:50 -0400 (EDT)
From:      "Ilmar S. Habibulin" <ilmar@watson.org>
To:        re@FreeBSD.org
Cc:        current@FreeBSD.org
Subject:   Re: 5.2-RELEASE TODO
Message-ID:  <20030516041042.U29447@fledge.watson.org>
In-Reply-To: <200305151400.h4FE0Djv020741@fledge.watson.org>
References:  <200305151400.h4FE0Djv020741@fledge.watson.org>

next in thread | previous in thread | raw e-mail | index | archive | help


On Thu, 15 May 2003, Robert Watson wrote:

>   Desired Features for 5.2-RELEASE
>
>    +------------------------------------------------------------------------+
>    |    Issue    | Status |  Responsible  |           Description           |
>    |-------------+--------+---------------+---------------------------------|
>    |             |        |               | Currently, MAC protections are  |
>    |             |        |               | enforced only on locally        |
>    |             |        |               | originated file system          |
>    |             |        |               | operations (VOPs), and not on   |
>    |             |        |               | RPCs generated via the NFS      |
>    | MAC support |        |               | server. Improvements in NFS     |
>    | for NFS     | --     | Robert Watson | server credential handling are  |
>    | Server      |        |               | required to correct this        |
>    |             |        |               | problem, as well as the         |
>    |             |        |               | introduction of new entry       |
>    |             |        |               | points to properly label NFS    |
>    |             |        |               | credentials and perform         |
>    |             |        |               | enforcement properly.           |
>    |-------------+--------+---------------+---------------------------------|

Do you plan to transfer labels over NFS? If so, why not to make some
generic extended attributes transfer mechanism over NFS and use it for ACL
too?

And what about packet labeling - it's still desired feature for
trustedbsd/6.0-current?



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20030516041042.U29447>