libselinux question for httpd
Ivan Gyurdiev
ivg2 at cornell.edu
Thu Nov 3 16:15:15 UTC 2005
>
> I don't think so. Consider: today, ls can call getfilecon(), which
> internally performs a getxattr(), which returns the string stored in the
> attribute value, and returns it back to ls for display to the user. Why
> force that process to go through an extra conversion to struct and back
> for no reason?
>
You could still store it as a string, instead of piecewise, and then
extract fields on demand, when set() or get() is called. Then the
conversion can be done as a cast for users that want the whole string.
Anyway I haven't thought much about this problem, as optimization and
data hiding are usually the opposite of each other.. but there's
probably a way to combine them...
More information about the fedora-selinux-list
mailing list