* [refpolicy3 RFC] Drop suffixes?
@ 2023-03-24 18:10 Chris PeBenito
2023-03-24 18:31 ` Dominick Grift
2023-03-25 9:15 ` Russell Coker
0 siblings, 2 replies; 4+ messages in thread
From: Chris PeBenito @ 2023-03-24 18:10 UTC (permalink / raw)
To: selinux-refpolicy
I am considering dropping the suffixes from users, roles, and types.
init_t would become init, user_r would become user, etc.
Thoughts?
--
Chris PeBenito
^ permalink raw reply [flat|nested] 4+ messages in thread
* Re: [refpolicy3 RFC] Drop suffixes?
2023-03-24 18:10 [refpolicy3 RFC] Drop suffixes? Chris PeBenito
@ 2023-03-24 18:31 ` Dominick Grift
2023-03-25 9:15 ` Russell Coker
1 sibling, 0 replies; 4+ messages in thread
From: Dominick Grift @ 2023-03-24 18:31 UTC (permalink / raw)
To: Chris PeBenito; +Cc: selinux-refpolicy
Chris PeBenito <chpebeni@linux.microsoft.com> writes:
> I am considering dropping the suffixes from users, roles, and
> types. init_t would become init, user_r would become user, etc.
>
> Thoughts?
One thought I have is: might this in some cases conflict with keywords?
i.e. is it technically possible?
If the suffixes have no real use then I would probably drop them, provided
that it is technically possible.
I use suffixes in my policy but they are used for templates and they are
generally also more descriptive.
--
gpg --locate-keys dominick.grift@defensec.nl
Key fingerprint = FCD2 3660 5D6B 9D27 7FC6 E0FF DA7E 521F 10F6 4098
Dominick Grift
^ permalink raw reply [flat|nested] 4+ messages in thread
* Re: [refpolicy3 RFC] Drop suffixes?
2023-03-24 18:10 [refpolicy3 RFC] Drop suffixes? Chris PeBenito
2023-03-24 18:31 ` Dominick Grift
@ 2023-03-25 9:15 ` Russell Coker
2023-03-27 12:32 ` Chris PeBenito
1 sibling, 1 reply; 4+ messages in thread
From: Russell Coker @ 2023-03-25 9:15 UTC (permalink / raw)
To: selinux-refpolicy, Chris PeBenito
On Saturday, 25 March 2023 05:10:10 AEDT Chris PeBenito wrote:
> I am considering dropping the suffixes from users, roles, and types.
> init_t would become init, user_r would become user, etc.
Even when the syntax prevents the compiler from being confused there is a
benefit to avoiding user confusion. So having user_r:user_t change to
user:user would be bad IMHO.
22 years ago this might have been justified by reducing RAM use or something
but that doesn't apply now. What's the motivation for this?
--
My Main Blog http://etbe.coker.com.au/
My Documents Blog http://doc.coker.com.au/
^ permalink raw reply [flat|nested] 4+ messages in thread
* Re: [refpolicy3 RFC] Drop suffixes?
2023-03-25 9:15 ` Russell Coker
@ 2023-03-27 12:32 ` Chris PeBenito
0 siblings, 0 replies; 4+ messages in thread
From: Chris PeBenito @ 2023-03-27 12:32 UTC (permalink / raw)
To: russell, selinux-refpolicy
On 3/25/2023 05:15, Russell Coker wrote:
> On Saturday, 25 March 2023 05:10:10 AEDT Chris PeBenito wrote:
>> I am considering dropping the suffixes from users, roles, and types.
>> init_t would become init, user_r would become user, etc.
>
> Even when the syntax prevents the compiler from being confused there is a
> benefit to avoiding user confusion. So having user_r:user_t change to
> user:user would be bad IMHO.
>
> 22 years ago this might have been justified by reducing RAM use or something
> but that doesn't apply now. What's the motivation for this?
Since refpolicy3 is a major change, I've been reexamining past
decisions. Now is the time to make significant changes.
--
Chris PeBenito
^ permalink raw reply [flat|nested] 4+ messages in thread
end of thread, other threads:[~2023-03-27 12:32 UTC | newest]
Thread overview: 4+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2023-03-24 18:10 [refpolicy3 RFC] Drop suffixes? Chris PeBenito
2023-03-24 18:31 ` Dominick Grift
2023-03-25 9:15 ` Russell Coker
2023-03-27 12:32 ` Chris PeBenito
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.