TrustedBSD File System Access Extended Attributes and UFS2
Extended attributes allow the kernel and userland processes to tag
files with arbitrary named data. This provides a location to store
the extensive security data required for the various TrustedBSD
security extensions, including ACLs, privileges and MAC labels.
Extended attribute support has been developed for FreeBSD's UFS1 file
system and integrated with the FreeBSD development tree, and was
included in FreeBSD 5.0. UFS2 was implemented to provide improved
performance and reliability for extended attributes, and has been
available since FreeBSD 5.0. UFS2 became the default in FreeBSD 5.1,
and is the recommended file system for TrustedBSD functionality.
UFS1 extended attributes were implemented by Robert Watson. UFS2
was implemented by Kirk McKusick and Poul-Henning Kamp.