From owner-p4-projects@FreeBSD.ORG Mon Aug 25 14:02:26 2003 Return-Path: Delivered-To: p4-projects@freebsd.org Received: by hub.freebsd.org (Postfix, from userid 32767) id 6F7C016A4C2; Mon, 25 Aug 2003 14:02:26 -0700 (PDT) Delivered-To: perforce@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 46DA716A4BF for ; Mon, 25 Aug 2003 14:02:26 -0700 (PDT) Received: from repoman.freebsd.org (repoman.freebsd.org [216.136.204.115]) by mx1.FreeBSD.org (Postfix) with ESMTP id 84B5343F85 for ; Mon, 25 Aug 2003 14:02:25 -0700 (PDT) (envelope-from bb+lists.freebsd.perforce@cyrus.watson.org) Received: from repoman.freebsd.org (localhost [127.0.0.1]) by repoman.freebsd.org (8.12.6/8.12.6) with ESMTP id h7PL2P0U096154 for ; Mon, 25 Aug 2003 14:02:25 -0700 (PDT) (envelope-from bb+lists.freebsd.perforce@cyrus.watson.org) Received: (from perforce@localhost) by repoman.freebsd.org (8.12.6/8.12.6/Submit) id h7PL2O1S096151 for perforce@freebsd.org; Mon, 25 Aug 2003 14:02:24 -0700 (PDT) Date: Mon, 25 Aug 2003 14:02:24 -0700 (PDT) Message-Id: <200308252102.h7PL2O1S096151@repoman.freebsd.org> X-Authentication-Warning: repoman.freebsd.org: perforce set sender to bb+lists.freebsd.perforce@cyrus.watson.org using -f From: Robert Watson To: Perforce Change Reviews Subject: PERFORCE change 36910 for review X-BeenThere: p4-projects@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: p4 projects tree changes List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 25 Aug 2003 21:02:26 -0000 http://perforce.freebsd.org/chv.cgi?CH=36910 Change 36910 by rwatson@rwatson_paprika on 2003/08/25 14:02:04 Finish up more of the NFS section. Affected files ... .. //depot/projects/trustedbsd/doc/en_US.ISO8859-1/books/arch-handbook/secarch/chapter.sgml#2 edit Differences ... ==== //depot/projects/trustedbsd/doc/en_US.ISO8859-1/books/arch-handbook/secarch/chapter.sgml#2 (text+ko) ==== @@ -1727,13 +1727,16 @@ permission to mount a file system is explicitly configured by the server administrator by means of the &man.exports.5; configuration file. - These protections are implemented XXX Each file system is exported only to explicitly configured hosts; for each configuration line, arbitrary mappings of local and remote users are provided, as well as mount flags indicating, broadly, what types of mounts are permitted (read-only or otherwise). - Once amount has taken place, each file system RPC is accompanied + Enforcement of these protections is split between the user mountd + process, which reads the /etc/exports file + and services mount requests, and the kernel NFS implementation, + which is informed of the export rules by the mount daemon. + Once a mount has taken place, each file system RPC is accompanied by a credential structure approximately equivilent to the local credential structure, consisting of effective uid, effective gid, and a set of additional groups. @@ -1743,7 +1746,10 @@ necessary uid and gid mapping first. In the default configuration, network credentials with a uid of 0 are mapped to the "nobody user" to limit the level of privilege - given to remote hosts. + given to remote hosts. + In NFSv2, file permissions and protections are largely + implemented by the client system; in NFSv3, the server is + queried by the client before permitting most forms of access. The NFSv2 and NFSv3 protocols supported by FreeBSD do not provide for cryptographic protection of in-flight RPCs on the @@ -1767,10 +1773,6 @@ name any object in the file system regardless of directory-based protections, so clients must be trusted to locally enforce these protections for this and other reasons. - -