On Thu, 2005-11-03 at 11:15 -0500, Ivan Gyurdiev wrote: > > > > I don't think so. Consider: today, ls can call getfilecon(), which > > internally performs a getxattr(), which returns the string stored in the > > attribute value, and returns it back to ls for display to the user. Why > > force that process to go through an extra conversion to struct and back > > for no reason? > > > You could still store it as a string, instead of piecewise, and then > extract fields on demand, when set() or get() is called. Then the > conversion can be done as a cast for users that want the whole string. > Anyway I haven't thought much about this problem, as optimization and > data hiding are usually the opposite of each other.. but there's > probably a way to combine them... But the question is still why do so? You gain nothing from such "data hiding" in this case, as the application still ends up converting to string form and can still violate the "encapsulation" at that point by peeking inside the string. It ends up being no different from directly returning the string form in that case as far as "data hiding" is concerned, and the string form is what most users of libselinux want. The structure is for a minority of users of libselinux that actually care about the individual fields. -- Stephen Smalley National Security Agency -- fedora-selinux-list mailing list fedora-selinux-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-selinux-list
