On Sat, 2007-04-21 at 10:50 -0500, Mikkel L. Ellertson wrote: > The idea sounds nice, until you start thinking about the amount of > code you are adding to the file save process. If the mime-type is > set, then it is no big deal - a small addition to the SE Linux code. > If it isn't set, then you have to try and determine the mime-type. > This is better handled by a user-space program then as part of the > file system module. This is especially true because the list of > mime-types in not fixed. The added processing time would probably > not be too bad for a single file, but what happens when you are > doing a restore from a backup media that does not support ACLs? As a quick idea, how about: A generic file save requester, that all applications would use, that would be a part of this process (ensuring applications saved data in a useful way, but not adding the overhead to things that just write to disc - such as backup programs). -- (This box runs FC6, my others run FC4 & FC5, in case that's important to the thread.) Don't send private replies to my address, the mailbox is ignored. I read messages from the public lists.