Date: Thu, 20 Feb 1997 10:41:17 +0100 (MET) From: Andre Albsmeier <Andre.Albsmeier@mchp.siemens.de> To: hackers@freebsd.org Subject: How to prevent unknown users from writing my NFS fs? Message-ID: <199702200941.KAA07749@server.us.tld>
next in thread | raw e-mail | index | archive | help
Hi, I had posted this to -questions a while ago, but there was nobody who could help me. So I try it here again as I think this also might be an interestiong -hackers issue. How can I prevent an NFS exported filesystem to be written by users that are not known by the server? My problem is: I export a filesystem /people to some PCs running PCNFS on our network. Users there typically have homedirectories which contain a directoy pub that is 1777 so that others can write there. However, if you don't pass a username to PCNFS you are logged in as nobody (uid -2) and can still write to the pub directories. As a result there are files created that have a very high uids: -rw-rw-r-- 1 4294967294 andre 1115 Feb 17 10:04 test This confuses quotacheck which runs endlessly (see also PR 2325). A solution could be to prevent that uids that are unknown by the server are not allowed to write to the fs. Or, to prevent special uids to write the fs. I have checked the exports manpage but have no idea how this could be done.. Any help is greatly appreciated... Thanks -Andre
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199702200941.KAA07749>