So in 2.8 the ability to specify all files via file, instead of having to do /** rwlkmix, the question is should this short cut provide all those permissions or should we separate out exec permissions. It seems odd to me that saying you have access to all files means you also can exec anything even if it remains confined by the current profile.