On Wed, Mar 19, 2003 at 08:05:38AM +0100, Russell Coker wrote: > Another thing, something like this needs to be done at package install time. > When a package is installed it's files need to be labeled, if we add running > "file" on the files in the package to the list of things to do then package > installation becomes even slower. well if it's slower to get the job rightly done, imho it's worth it. installation isn't a race, it's about setting things up correctly. just write a script to do it, put it in apt.conf.d, and it's already transparent. package apt-get dist-upgrade might run a little slower, but it shouldn't be that noticable of a penalty for the average package... > > > Also this problem will be more difficult to solve for LIDS and other > > > security modules that perform access control based on file names as all > > > those names will have to be known by the kernel. > > > > can they be given a list of filenames, or do you want regular expressions? > > Regular expressions are most conveniant. "/usr/share.*" ? or do you mean file globs? sean
Attachment:
pgpP5wazE7iVC.pgp
Description: PGP signature