Justin P. Mattock wrote: > Thats some crazy stuff!! and just think most of it is > simply magnets.(but more complicated than that) > >One feature we are kicking around to make life easier for SELinux: > >sometimes the filesystem can run while SELinux is not running, and > >security labels will be wrong when SELinux re-enters the picture. We > >have in mind to provide a persistent log of filesystem events that the > >security system can attach to on startup and find out what went on in > >its absence. > > > > > That sounds nice: > > find out what went on in > its absence. That sounds like a feature Windows had for many years now, (since Windows 2000?). It complements the Windows equivlant of dnotify/inotify/fsnotify. It's used for file indexing too (think equivalent to Spotlight, Beagle, etc.), and other types of security scanning (think equivalent to Tripwire). I wonder why the people writing file indexing tools for Linux never made a fuss about this. Inotify is ok for indexing, but means quite a few minutes of intensive disk activity after each boot to rescan /home. -- Jamie -- To unsubscribe from this list: send the line "unsubscribe linux-fsdevel" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
