On Tue, Feb 17, 2009 at 11:50:50AM -0500, David P. Quigley wrote: > So can anyone see of another use for providing a call back that would > tell a client to flush it's cached changes back to the server and start > a recovery? It could be a potential solution to large scale relabeling > on the server but I hesitate to propose it unless it has more than just > that application. Also aren't callbacks done out of band and if a > callback channel can't be established the functionality is just dropped? I don't think that timely revocation, extending to cached data on clients, is a problem that we need to address for labeling. It's a problem in general and one that most users and implementors probably don't care that much about. Timely revocation can always be addressed separately if it becomes sufficiently desirable. IMO: leave it out of scope. Nico -- -- This message was distributed to subscribers of the selinux mailing list. If you no longer wish to subscribe, send mail to majordomo@xxxxxxxxxxxxx with the words "unsubscribe selinux" without quotes as the message.
