From owner-freebsd-hackers  Wed Jul  8 07:13:31 1998
Return-Path: <owner-freebsd-hackers@FreeBSD.ORG>
Received: (from majordom@localhost)
          by hub.freebsd.org (8.8.8/8.8.8) id HAA04843
          for freebsd-hackers-outgoing; Wed, 8 Jul 1998 07:13:31 -0700 (PDT)
          (envelope-from owner-freebsd-hackers@FreeBSD.ORG)
Received: from aaka.3skel.com (aaka.3skel.com [207.240.212.3])
          by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id HAA04836
          for <freebsd-hackers@FreeBSD.ORG>; Wed, 8 Jul 1998 07:13:26 -0700 (PDT)
          (envelope-from danj@3skel.com)
Received: from fnur.3skel.com (fnur.3skel.com [192.168.0.8]) by aaka.3skel.com (8.8.5/8.8.2) with ESMTP id KAA19937; Wed, 8 Jul 1998 10:13:19 -0400 (EDT)
Received: from 3skel.com (localhost.3skel.com [127.0.0.1]) by fnur.3skel.com (8.8.8/8.8.2) with ESMTP id KAA06797; Wed, 8 Jul 1998 10:13:17 -0400 (EDT)
Message-ID: <35A37E7C.7CF9404F@3skel.com>
Date: Wed, 08 Jul 1998 10:13:17 -0400
From: Dan Janowski <danj@3skel.com>
Organization: Triskelion Systems, Inc.
X-Mailer: Mozilla 4.04 [en] (X11; I; FreeBSD 2.2.6-RELEASE i386)
MIME-Version: 1.0
To: Terry Lambert <tlambert@primenet.com>
CC: freebsd-hackers@FreeBSD.ORG
Subject: Re: permission confusion at mount points (and NFS)
References: <199807031017.DAA15756@usr04.primenet.com>
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Sender: owner-freebsd-hackers@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG

Terry Lambert wrote:

> I personally think that the idea of mapping a vnode into an existing
> directory hierarchy should *not* require acess to the existing
> hierarchy to implement.
>
> My idea is that you seperate the act of mapping from the act of lookup;
> this is a little inconvenience, in that you ignopre the mapping point
> in favor of that which is mapped.  It has the advantage that "X" replaces
> "Y" instead of "X" predicates "Y".   In more simple terms, it means that
> the mounted FS permissions are checked instead of the mount point
> permissions before acces is granted.
>
> This is really an issue of data hiding more than anything else, since
> it has to do with when permissions are evaluated.
>

 The last time I checked, this limitation is amplified in NFS.
A filesystem mount point that is under an imported NFS mount
will not show the contents. IRIX allows access to mount points
in directories within an NFS mount.

Has there been any consideration given to changing this behavior?


Dan


--
danj@3skel.com
Dan Janowski
Triskelion Systems, Inc.
Bronx, NY




To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-hackers" in the body of the message