SELinux Mailing List - NSA/CSS

Skip All Menus Skip Top Menu

Top Navigation Menus

Skip Research Menus

Research Menu

Research Security Enhanced Linux What's New Frequently Asked Questions Background Documents License Download Participating Mail List Archives Remaining Work Contributors Related Work Press Releases Information Assurance Research NIARL In-house Research Areas Mathematical Sciences Program Sabbaticals Computer & Information Sciences Research Technology Transfer Advanced Computing Advanced Mathematics Communications & Networking Information Processing Microelectronics Other Technologies Technology Fact Sheets Publications Related Links	Skip Search Box Searchbox SELinux Mailing List Re: Deprecate freecon and freeconary This message: [ Message body ] [ More options ] Related messages: [ Next message ] [ Previous message ] [ In reply to ] [ Next in thread ] [ Replies ] From: Ivan Gyurdiev <ivg2_at_cornell.edu> Date: Tue, 28 Feb 2006 12:32:23 -0500 >> This patch marks freecon and freeconary as deprecated. >> All uses of freecon() are changed to free(). >> Uses of freeconary() remain within the library, since this is a useful >> function. >> > > Given that freeconary() is a useful helper, should we retain it in the > non-deprecated API but just convert its argument to char* going* > forward? > It's not in the selinux_* namespace, and it's trivial to rewrite... I'm not sure we should expose a function which frees an array of strings. This isn't related to selinux, it's a string utility function. >> stdlib.h has been included where appropriate. >> stddef.h has been included where size_t was needed >> Manpages and comments have been edited appropriately. >> >> The next logical patch is to remove security_context_t, and replace it >> with char, although I'm not sure whether that should be done throughout* >> the library, or just in the API. >> > > We'll likely need to retain the type definition in the API for > compatibility with externally maintained code (e.g. SELinux userland > patches that have migrated into other distributions and in some cases > into the upstream packages). Right, I didn't mean to remove the typedef statement. I was wondering whether we should re-write the function prototypes and manpages not to mention it. >> 1. Freecon and freeconary are not in a proper namespace. All such >> functions should be deprecated and replaced in general. >> > > Not sure if this is truly justified for all such functions, e.g. > getfilecon, setfilecon, setexeccon, etc are basic primitives that could > easily have been implemented as system calls (and were originally) if > that had been an option. The core API (wrappers of kernel APIs) can > likely be left alone aside from security_context_t -> char conversion.* > ...if they're not syscalls anymore, then I don't see why they shouldn't follow the naming rules as all other functions. Anyway, I won't send any patches to rename things right now - there were reasons other than the naming to look at deprecating freecon* and context_*. -- This message was distributed to subscribers of the selinux mailing list. If you no longer wish to subscribe, send mail to majordomo@tycho.nsa.gov with the words "unsubscribe selinux" without quotes as the message. Received on Tue 28 Feb 2006 - 12:32:48 EST This message: [ Message body ] Next message: Stephen Smalley: "Re: Context translation and MLS categories" Previous message: Ivan Gyurdiev: "Re: Context translation and MLS categories" In reply to: Stephen Smalley: "Re: Deprecate freecon and freeconary" Next in thread: Stephen Smalley: "Re: Deprecate freecon and freeconary" Reply: Stephen Smalley: "Re: Deprecate freecon and freeconary" Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ]
	Date Posted: Jan 15, 2009 \| Last Modified: Jan 15, 2009 \| Last Reviewed: Jan 15, 2009

bottom