Re: Extended attributes in OpenBSD

[Matthew C Weigel <Matthew_C_Weigel_(_at_)_tt-arietis_(_dot_)_fac_(_dot_)_cs_(_dot_)_cmu_(_dot_)_edu>]

>    Perhaps I am simply being stupid, but I have not gotten an understanding
> of the just added extended attributes functionality from TrustedBSD.

$ lynx -dump \
http://www.trustedbsd.org/documentation/whitepapers/introduction.html \
grep -B 2 -A 2 attribute

   Significant support code has been developed to provide a framework for
   the TrustedBSD feature set, including the development of named
   extended attribute support for FFS, allowing kernel and userland code
   to maintain extended attributes associated with files and directories.
   Such attribute storage may be used for a number of applications, but
   in the context of TrustedBSD, is used to store security labels
   associated with various policy mechanisms, including ACLs,

...

It's a generic EA implementation, it looks like.  Presumably similar in
spirit to what OS/2 and BeOS had.  Looks neat; see
http://lwn.net/2000/1026/a/extended-attributes.php3 for more discussion
(also weighted towards ACLs and capabilities.

Other systems that have had EAs have used them for ACLs, type systems
independant of filename extensions, generic 'database-like' information
storage, and capabilities.  The TrustedBSD implementation supports
namespaces, one of which (EXTATTR_NAMESPACE_SYSTEM) requires privilege
to manipulate.
-- 
 Matthew Weigel
 Research Systems Programmer
 mcweigel+_(_at_)_cs_(_dot_)_cmu_(_dot_)_edu