On Fri, 2005-11-04 at 08:59 -0500, Stephen Smalley wrote:
> But the question is still why do so? You gain nothing from such "data
> hiding" in this case, as the application still ends up converting to
> string form and can still violate the "encapsulation" at that point by
> peeking inside the string. It ends up being no different from directly
> returning the string form in that case as far as "data hiding" is
> concerned, and the string form is what most users of libselinux want.
> The structure is for a minority of users of libselinux that actually
> care about the individual fields.

So, in summary, the libselinux interface is exactly right - most of its
interfaces operate on the abstraction/data type that is most commonly
needed by its users, and it provides separate conversion and
manipulation functions for the minority of users that need to operate on
the structured form. The only mistake was bothering to create a typedef
for security_context_t versus just using char* everywhere.

--
Stephen Smalley
National Security Agency

--
fedora-selinux-list mailing list
fedora-selinux-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/fedora-selinux-list
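
The split between string form and structured form discussed in the message above, as an added example that is not part of the original post and is not libselinux code. `struct ctx`, `put`, `ctx_split` and `ctx_join` are hypothetical stand-ins for the conversion functions the message refers to, and the sample context is constructed.

```c
#include <stdio.h>
#include <string.h>

/* Hypothetical structured form (libselinux's own type for this is context_t). */
struct ctx { char user[64], role[64], type[64], range[128]; };

/* Copy src[0..n) into dst of capacity cap; reject empty or oversized fields. */
static int put(char *dst, size_t cap, const char *src, size_t n)
{
    if (n == 0 || n >= cap) return -1;
    memcpy(dst, src, n);
    dst[n] = '\0';
    return 0;
}

/* String form -> fields. Only the first three ':' are separators: the MLS
 * range after them may itself contain ':' (e.g. "s0-s0:c0.c1023"). */
int ctx_split(const char *s, struct ctx *c)
{
    const char *p1, *p2, *p3;
    memset(c, 0, sizeof *c);
    if (!(p1 = strchr(s, ':')) || !(p2 = strchr(p1 + 1, ':'))) return -1;
    p3 = strchr(p2 + 1, ':');
    if (put(c->user, sizeof c->user, s, (size_t)(p1 - s)) ||
        put(c->role, sizeof c->role, p1 + 1, (size_t)(p2 - p1 - 1)) ||
        put(c->type, sizeof c->type, p2 + 1,
            p3 ? (size_t)(p3 - p2 - 1) : strlen(p2 + 1)))
        return -1;
    return p3 ? put(c->range, sizeof c->range, p3 + 1, strlen(p3 + 1)) : 0;
}

/* Fields -> string form. Returns 0, or -1 if buf is too small. */
int ctx_join(const struct ctx *c, char *buf, size_t cap)
{
    int n = snprintf(buf, cap, "%s:%s:%s%s%s", c->user, c->role, c->type,
                     c->range[0] ? ":" : "", c->range);
    return (n < 0 || (size_t)n >= cap) ? -1 : 0;
}

int main(void)
{
    struct ctx c;
    char out[256]; /* the minority case: change one field, then re-join */
    if (ctx_split("system_u:object_r:etc_t:s0-s0:c0.c1023", &c) == 0 &&
        put(c.type, sizeof c.type, "tmp_t", 5) == 0 &&
        ctx_join(&c, out, sizeof out) == 0)
        puts(out);
    return 0;
}
```

Callers that only pass a context along never need `ctx_split`; the string is already the form they store and compare.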