On Wednesday 26 March 2008 10:43, Michael Stone <mstone@xxxxxxxxxx> wrote: > On Wed, Mar 26, 2008 at 08:24:15AM +1100, Russell Coker wrote: > >Should there be some special marking of files with both a SE Linux context > > and an ACL? > > (not cc'ing the closed selinux list again) What is the problem with the list? Are your messages bouncing? You should expect that your messages will be delayed until business hours in the east coast of the US (unless someone is working on the weekend), but that's not really a problem. > How much can you fit into one char before it gets confusing? Character 10 in "ls -l" output can have values from "xtT", character 7 can have values from "xsS", and character 1 can have many values. > As I > understand it, there can't be a case on an selinux system where you have > an acl and not an selinux context--so why bother highlighting the case > where you have both? On a SE Linux system you can't have a file without a SE Linux context. Therefore the issue is whether you have an ACL or not. Which is why I believe that having "+" or " " is a reasonable choice. If that idea is not well regarded by the people who matter then I am not really bothered as long as something better than the current situation is chosen and implemented before Lenny freezes. > If people really want something for that, fine, but > I suspect that the ls listings will be come unreadable in short order if > that trend continues. Actually I'm more worried about the ease of machine parsing of ls output. I'm sure that someone will suggest a better option than having a shell script grep ls output, but there are a lot of people who are used to grepping ls output and it would be nice not to break things for them. -- russell@xxxxxxxxxxxx http://etbe.coker.com.au/ My Blog http://www.coker.com.au/sponsorship.html Sponsoring Free Software development -- This message was distributed to subscribers of the selinux mailing list. If you no longer wish to subscribe, send mail to majordomo@xxxxxxxxxxxxx with the words "unsubscribe selinux" without quotes as the message.
