From owner-freebsd-current  Thu Apr 12 14:52: 1 2001
Delivered-To: freebsd-current@freebsd.org
Received: from mail.imp.ch (mail.imp.ch [157.161.1.2])
	by hub.freebsd.org (Postfix) with ESMTP
	id 7A9A937B422; Thu, 12 Apr 2001 14:51:57 -0700 (PDT)
	(envelope-from mb@imp.ch)
Received: from harem (harem.imp.ch [157.161.4.8])
	by mail.imp.ch (8.11.1/8.11.1) with ESMTP id f3CLps151896;
	Thu, 12 Apr 2001 23:51:54 +0200 (CEST)
	(envelope-from Martin.Blapp@imp.ch)
Date: Thu, 12 Apr 2001 23:51:54 +0200
From: Martin Blapp <mb@imp.ch>
To: Matt Dillon <dillon@earth.backplane.com>
Cc: freebsd-current@FreeBSD.ORG, Thomas Quinot <quinot@inf.enst.fr>,
	alfred@FreeBSD.ORG
Subject: Re: NFS export to netgroup with duplicate hosts
In-Reply-To: <200104122114.f3CLExb25647@earth.backplane.com>
Message-ID: <Pine.SGI.4.10.10104122343100.3111172-100000@harem.imp.ch>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-freebsd-current@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG


>     The reason is that the file handles passed to nfsd could then
>     be trivially faked to gain rw access on a ro-exported subdirectory.
>     For example, if you export /usr read-only and /usr/local read-write,
>     you can then construct an NFS request using /usr/local's mount point
>     but with a file handle that represents a file in /usr, and then be
>     able to write to that file.  This is because the file handle
>     representing file X will be almost identical no matter which mount
>     point X is accessed relative to.

Yes I see. I'd also like to see what happens if you move some
directory, or if you are doing hardlinks and also move them ... :-)
Your explanation is logical to me.

Maybe we should fix the exports(5) manpage. This is not a bug, it's
a security restriction.

It seems to me that we have a really good nfs implementation here
on BSD, and we can do more finetuning than on Solaris itself. Also
mountd and export seems to support more features than in Solaris,
according to the manpage.

Could this export restriction change in future with nfsv4, when nfs
does get stateful (I've heard about that the stateless behaviour will
go away with nfsdv4) ... ? I do not know much about the internals of
nfsv4 ...

Martin


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-current" in the body of the message