On Fri, 2018-05-11 at 12:51 -0700, Matthew Garrett wrote: > > Should "evm_xattrs" be defined directly in the securityfs directory or > > in a subdirectory similar to ima? It will be difficult later on to > > move "evm_xattrs" to a subdirectory once applications start > > reading/writing to it. What would the subdirectory be called? > > Yeah, that's tricky - the obvious directory would be evm, but that's > already in use. integrity makes sense, but then ima should also be under it. I haven't tried, but maybe we could use softlinks (eg. <securityfs>/ima ==> <securityfs>/integrity/ima)? And then there are namespaces ... Mimi
