Re: RFC: Solaris style extended attributes for FreeBSD

From: Andrew Walker <awalker_at_ixsystems.com>
Date: Sun, 09 Mar 2025 12:46:43 UTC

Out of curiosity, how are you preventing users from creating / writing
xattrs with the `system?` name prefix? In ZFS on FreeBSD IIRC this
prefix is used to determine whether the corresponding attribute when
accessed via the extattr interface is in the user or system
namespaces. I vaguely recall some people may have patched the FreeBSD
samba server for instance so that it writes security-related
information into the system namespace when samba is configured as a domain
controller, so some care needs to be taken with namespaces.

You may also need to potentially restrict ones with `security.` and
`trusted.` prefixes in case the ZFS data is replicated to Linux
systems (because those are privileged namespaces and it may introduce
a CVE).