Date: Fri, 25 Aug 2000 12:10:57 -0400 From: Allen Landsidel <all@biosys.net> To: freebsd-stable@FreeBSD.ORG Subject: Re: NFS client ignores "read-only" attribute on file Message-ID: <4.3.2.7.2.20000825120608.00b4d4a8@mail.megapathdsl.net> In-Reply-To: <14758.38824.440415.870831@onceler.kciLink.com>
next in thread | previous in thread | raw e-mail | index | archive | help
At 11:58 08/25/2000 -0400, Vivek Khera wrote: >I have one MAJOR issue with the FreeBSD NFS client: it ignores >read-only attribute on files owned by the current UID. > >Example. "kci" is a BSD/OS 4.0.1 server with all applicable patches. >"onceler" is a FreeBSD 4.1-STABLE (current thru wednesday's version). >The file system is served from kci to onceler. The FreeBSD system is >the *only* one that ignores the read-only setting. Linux and other >BSD/OS systems honor it as expected. I looked through your examples enough to say.. you proved your point.. :) This is surely the fault of whatever subsystem is responsible for user authentication.. I'm not familiar enough to say if it's the client or the server, but my gut instinct tells me it's the server. I would really uneducatedly guess that the server is not switching it's effective user id to that of the user issuing the request before the request is processed. If you could, can you see if you're allowed to modify files that you have read-only access to that are owned by another user/group? I suspect you'll be able to write to any file that you can read from. Leaving this responsibility to the client would be loony as all heck, considering anyone could then just hack up their own nfs client and use it to override file permissions on any server they had a valid user/pass on. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-stable" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?4.3.2.7.2.20000825120608.00b4d4a8>