David Howells <dhowells@xxxxxxxxxx> writes:
> Andy Lutomirski <luto@xxxxxxxxxxxxxx> wrote:
>
>> - How should LSM security labels be translated?
>
> I'm definitely interested in that. Especially with respect to how to deal
> with SELinux + overlay{fs,}/unionmount.
>
> Also, I'm interested in how keyrings should interact with namespaces. Should
> keys be namespaced?
Key lookups are already per user namespace, so I would call that
namespaced. We do have the question with keys, should we allow
duplicate key values so that checkpoint/restart can carry keys between
different kernels.
> And I'm also interested in how upcalls, including to /sbin/request-key, should
> be dealt with.
Good question. There is some ongoing discussion on that right now.
Eric
--
To unsubscribe from this list: send the line "unsubscribe linux-fsdevel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
