[tomoyo-dev-en 243] Re: About supporting policy namespace.


Jamie Nguyen jamie****@tomoy*****
Thu Jun 2 17:55:14 JST 2011


Tetsuo Handa wrote:
> Sorry for bothering you, but due to above change, I now strongly feel we should
> use "***_domain"/"no_***_domain" rather than "***_namespace"/"no_***_namespace"
> so that what users need to know remains unchanged (i.e.
>
>  "***_domain"/"no_***_domain" are directives for controlling domain transition
>  upon program execution
>
> ).
>
> Some candidates that replace "transit_namespace"/"no_transit_namespace":
>
>  "transit_domain"/"no_transit_domain"
>  "transfer_domain"/"no_transfer_domain"
>  "reset_domain"/"no_reset_domain"
>  "change_domain"/"no_change_domain"
>  "start_domain"/"no_start_domain"
>  "restart_domain"/"no_restart_domain"

With the above, we would end up with exception policy that can look like this:

  initialize_domain /usr/bin/foo from any
  transit_domain /usr/bin/bar from any

The problem with ***_domain is that it doesn't really imply that the
domain is in another namespace. It isn't as self-explanatory as
***_namespace is. The meanings of "initialize" and "transit" could
easily be interchanged (in other words, initialize_domain could easily
be renamed transit_domain).

Perhaps then I will revitalize my original push for
"initialize_namespace" (sorry Toshiharu!) for two reasons. Firstly,
this directive implies that the domain is in another namespace.
Secondly, it implies that the directive is similar in action to
"initialize_domain", which controls domain transition on program
execution.

Actually, I think it is less than ideal that we have a different
directive for exception policy, but are re-using
"auto_domain_transition" and "task manual_domain_transition". It makes
sense to re-use, so is there a way we can re-use initialize_domain?
Such as:

  initialize_domain <$namespace> /usr/bin/foo from any

(where omission of <$namespace> implies that it remains in the same namespace).

This has both of the advantages of "initialize_namespace": implies
that the domain is in another namespace, and implies that the
directive controls domain transition on program execution.

What do you think? I can't remember if we already considered this option.
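As an added illustration of the syntax proposed in this message (example code written for this archive page, not code from the TOMOYO project or from anyone in the thread): a small Python parser that accepts the existing `initialize_domain /usr/bin/foo from any` form as well as the proposed optional `<namespace>` field, treating an omitted field as "stay in the caller's namespace". The set of accepted directive names, the `<web>` namespace name, the `<kernel>` current namespace and the sample policy lines are assumptions constructed for the example; the grammar is modelled on the proposal, not on TOMOYO's actual exception-policy parser.

```python
import re
from dataclasses import dataclass
from typing import List, Optional

# Hypothetical grammar modelled on the proposal in this message (not TOMOYO's
# actual exception-policy syntax):
#     <directive> [<namespace>] <program> from <source>
# An omitted <namespace> means the new domain stays in the current namespace.
DIRECTIVES = {
    "initialize_domain", "no_initialize_domain",
    "transit_domain", "no_transit_domain",   # candidate names from the thread
}

# Optional "<...>" token between the directive and the program path.
RULE_RE = re.compile(
    r"^(?P<directive>\S+)\s+"
    r"(?:<(?P<namespace>[^<>\s]+)>\s+)?"
    r"(?P<program>\S+)\s+from\s+(?P<source>\S.*)$"
)


@dataclass(frozen=True)
class DomainRule:
    directive: str
    namespace: Optional[str]  # None => same namespace as the caller
    program: str
    source: str               # "any" or a domain/program expression

    @property
    def negated(self) -> bool:
        return self.directive.startswith("no_")


def parse_rule(line: str) -> DomainRule:
    """Parse one exception-policy line; raise ValueError on malformed input."""
    m = RULE_RE.match(line.strip())
    if m is None:
        raise ValueError(f"malformed rule: {line!r}")
    if m["directive"] not in DIRECTIVES:
        raise ValueError(f"unknown directive: {m['directive']!r}")
    return DomainRule(m["directive"], m["namespace"], m["program"], m["source"])


def is_valid_rule(line: str) -> bool:
    """True if the line parses under the hypothetical grammar."""
    try:
        parse_rule(line)
        return True
    except ValueError:
        return False


def parse_policy(text: str) -> List[DomainRule]:
    """Parse a policy fragment, ignoring blank lines and '#' comments."""
    rules = []
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        rules.append(parse_rule(line))
    return rules


def target_namespace(rule: DomainRule, current: str) -> str:
    """Namespace the new domain lands in: the explicit one, else the caller's."""
    return rule.namespace if rule.namespace is not None else current


# Constructed sample in the hypothetical syntax above.
SAMPLE_POLICY = """\
# existing form: domain starts fresh, stays in the caller's namespace
initialize_domain /usr/bin/foo from any
# proposed form: domain starts fresh inside namespace <web>
initialize_domain <web> /usr/bin/bar from any
# negative rule restricted to one source program
no_initialize_domain /usr/bin/baz from /usr/sbin/sshd
"""

if __name__ == "__main__":
    for rule in parse_policy(SAMPLE_POLICY):
        print(rule, "->", target_namespace(rule, "<kernel>"))
```

The only difference between the two positive rules is the optional `<web>` token, which is the point of the proposal: the reader still recognises `initialize_domain` as the directive controlling domain transition on program execution, and the namespace field says where that fresh domain lives.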
