From owner-freebsd-stable@FreeBSD.ORG Thu Mar 23 07:01:14 2006 Return-Path: X-Original-To: stable@freebsd.org Delivered-To: freebsd-stable@FreeBSD.ORG Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 525F216A400 for ; Thu, 23 Mar 2006 07:01:14 +0000 (UTC) (envelope-from peterjeremy@optushome.com.au) Received: from mail12.syd.optusnet.com.au (mail12.syd.optusnet.com.au [211.29.132.193]) by mx1.FreeBSD.org (Postfix) with ESMTP id 92BE443D46 for ; Thu, 23 Mar 2006 07:01:13 +0000 (GMT) (envelope-from peterjeremy@optushome.com.au) Received: from turion.vk2pj.dyndns.org (c220-239-19-236.belrs4.nsw.optusnet.com.au [220.239.19.236]) by mail12.syd.optusnet.com.au (8.12.11/8.12.11) with ESMTP id k2N70v01021713 (version=TLSv1/SSLv3 cipher=EDH-RSA-DES-CBC3-SHA bits=168 verify=NO); Thu, 23 Mar 2006 18:00:58 +1100 Received: from turion.vk2pj.dyndns.org (localhost.vk2pj.dyndns.org [127.0.0.1]) by turion.vk2pj.dyndns.org (8.13.4/8.13.4) with ESMTP id k2N70vFW000973; Thu, 23 Mar 2006 18:00:57 +1100 (EST) (envelope-from peter@turion.vk2pj.dyndns.org) Received: (from peter@localhost) by turion.vk2pj.dyndns.org (8.13.4/8.13.4/Submit) id k2N70vUS000972; Thu, 23 Mar 2006 18:00:57 +1100 (EST) (envelope-from peter) Date: Thu, 23 Mar 2006 18:00:56 +1100 From: Peter Jeremy To: Matthew Dillon Message-ID: <20060323070056.GC679@turion.vk2pj.dyndns.org> References: <200603211607.30372.mi+mx@aldan.algebra.com> <200603221427.45219.mi+mx@aldan.algebra.com> <200603222020.k2MKKKIF013999@apollo.backplane.com> <200603221659.04157.mi+mx@aldan.algebra.com> <200603222333.k2MNXnP8015012@apollo.backplane.com> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <200603222333.k2MNXnP8015012@apollo.backplane.com> X-PGP-Key: http://members.optusnet.com.au/peterjeremy/pubkey.asc User-Agent: Mutt/1.5.11 Cc: stable@freebsd.org Subject: Re: flushing "anonymous" buffers over NFS is rejected by server (more weird bugs with mmap-ing via NFS) X-BeenThere: freebsd-stable@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Production branch of FreeBSD source code List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 23 Mar 2006 07:01:14 -0000 On Wed, 2006-Mar-22 15:33:49 -0800, Matthew Dillon wrote: > solution. Basically the server would have to accept root creds but > instead of translating them to a fixed uid it should allow the > I/O operation to run as long as some non-root user would be able to > do the I/O op. This doesn't work with modes like 446 (which allow writing by everyone not in a particular group). Doesn't that amount to significantly reducing the security of NFS? ISTR the original reason for "nobody" was that it was trivial to fake root so the server would map it to an account with (effectively) no privileges. This change would give root on a client (file) privileges equal to the union of every non-root user on the server. In particular, it appears that the server can't tell if a file was opened for read or write so a client could open a file for reading (getting a valid FH) and then write to it (even though it couldn't have opened the file for writing). -- Peter Jeremy