libselinux question for httpd
Stephen Smalley
sds at tycho.nsa.gov
Fri Nov 4 14:07:02 UTC 2005
On Fri, 2005-11-04 at 08:59 -0500, Stephen Smalley wrote:
> But the question is still why do so? You gain nothing from such "data
> hiding" in this case, as the application still ends up converting to
> string form and can still violate the "encapsulation" at that point by
> peeking inside the string. It ends up being no different from directly
> returning the string form in that case as far as "data hiding" is
> concerned, and the string form is what most users of libselinux want.
> The structure is for a minority of users of libselinux that actually
> care about the individual fields.
So, in summary, the libselinux interface is exactly right - most of its
interfaces operate on the abstraction/data type that is most commonly
needed by its users, and it provides separate conversion and
manipulation functions for the minority of users that need to operate on
the structured form. The only mistake was bothering to create a typedef
for security_context_t versus just using char* everywhere.
--
Stephen Smalley
National Security Agency
More information about the fedora-selinux-list
mailing list