From mboxrd@z Thu Jan  1 00:00:00 1970
From: ebiederm@xmission.com (Eric W. Biederman)
Subject: Re: [PATCH] fuse: Only allow read/writing user xattrs
Date: Sat, 06 Oct 2012 08:34:09 -0700
Message-ID: <87a9vzlimm.fsf@xmission.com>
References: <87boggpm7r.fsf@xmission.com>
	<CACLa4pue6Bb-37+u03C4=yva=SKDhxNyZyVgvv5dAmt-1ryzBQ@mail.gmail.com>
Mime-Version: 1.0
Content-Type: text/plain
Cc: Miklos Szeredi <miklos@szeredi.hu>, linux-fsdevel@vger.kernel.org,
	linux-security-module@vger.kernel.org
To: Eric Paris <eparis@parisplace.org>
Return-path: <linux-fsdevel-owner@vger.kernel.org>
Received: from out02.mta.xmission.com ([166.70.13.232]:58509 "EHLO
	out02.mta.xmission.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
	with ESMTP id S1754401Ab2JFPeP (ORCPT
	<rfc822;linux-fsdevel@vger.kernel.org>);
	Sat, 6 Oct 2012 11:34:15 -0400
In-Reply-To: <CACLa4pue6Bb-37+u03C4=yva=SKDhxNyZyVgvv5dAmt-1ryzBQ@mail.gmail.com>
	(Eric Paris's message of "Sat, 6 Oct 2012 10:23:02 -0400")
Sender: linux-fsdevel-owner@vger.kernel.org
List-ID: <linux-fsdevel.vger.kernel.org>

Eric Paris <eparis@parisplace.org> writes:

> NAK, this makes no sense...     We are working to support SELinux
> attrs on fuse, why shouldn't we?

Certainly there is a logical disconnect here.

What is the sense in security labels when anyone can arbitrarily choose
the security label they want and change the security label whenever
they want?

What is the point in a security label when you can not trust it?

Eric