On Tue, 13 Oct 2009, Casey Schaufler wrote: > If you wanted to you could implement a mapping scheme of your choice > on the server. Just as long as you don't expect any defined semantics from this protocol -- it's purely xattr transport. > A Smack server might be happy with mapping > nfs.security.SMACK64 to security.SMACK64, while an HP/UX server might > have a function to map nfs.security.selinux into security.BellAndLaPadula > for its own nefarious purposes. Because you could do this strictly > on the server you don't have to implement a negotiation protocol, > although you could. I think if we start looking at negotiation & interpretation, then we've moved beyond simple metadata transport and should be looking at extending NFSv4 instead (e.g. like Labeled NFS). - James -- James Morris <jmorris@xxxxxxxxx> -- To unsubscribe from this list: send the line "unsubscribe linux-nfs" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
