From mboxrd@z Thu Jan 1 00:00:00 1970
From: Eric Paris
Subject: Re: [PATCH] fuse: Only allow read/writing user xattrs
Date: Sat, 6 Oct 2012 11:57:35 -0400
Message-ID:
References: <87boggpm7r.fsf@xmission.com> <87a9vzlimm.fsf@xmission.com>
Mime-Version: 1.0
Content-Type: text/plain; charset=ISO-8859-1
Cc: Miklos Szeredi , linux-fsdevel@vger.kernel.org, linux-security-module@vger.kernel.org
To: "Eric W. Biederman"
Return-path:
In-Reply-To: <87a9vzlimm.fsf@xmission.com>
Sender: linux-security-module-owner@vger.kernel.org
List-Id: linux-fsdevel.vger.kernel.org

Why trust uids or rwx bits. Might as well do away with those as well, right?

On Sat, Oct 6, 2012 at 11:34 AM, Eric W. Biederman wrote:
> Eric Paris writes:
>
>> NAK, this makes no sense... We are working to support SELinux
>> attrs on fuse, why shouldn't we?
>
> Certainly there is a logical disconnect here.
>
> What is the sense in security labels when anyone can arbitrarily choose
> the security label they want and change the security label whenever
> they want?
>
> What is the point in a security label when you can not trust it?
>
> Eric