I've created a patch for libarchive that allows storing and restoring MAC labels from/to a multilabel filesystem using bsdtar. Now before going anywhere with this I had a few questions: - how much general interest is there in such a feature? Would this be a welcome addition to libarchive, either "upstream" or as integrated in the system source tree. I would be especially interested in the opinion of people who have already been involved with the MAC development. - right now the labels are stored silently, similar to ACL-s and extended attributes. They are not extracted by default, only when the '-p' option is specified (default as root). This seems consistent, however it would also be possible to add a switch so that the labels wouldn't be archived unless explicitly requested. - the labels are stored in text representation, as converted by mac_to_text(). This could potentially cause some future breakage, if the text representation ever changes. Also, restoring a label partially (let's say a biba+MLS label with only biba enabled) does not work. Any thoughts on that? Thanks, Priit. _______________________________________________ freebsd-security@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-security To unsubscribe, send any mail to "freebsd-security-unsubscribe@freebsd.org"