From owner-freebsd-stable Mon Aug 28 9:58:54 2000 Delivered-To: freebsd-stable@freebsd.org Received: from fw.wintelcom.net (ns1.wintelcom.net [209.1.153.20]) by hub.freebsd.org (Postfix) with ESMTP id 2A33237B422 for ; Mon, 28 Aug 2000 09:58:53 -0700 (PDT) Received: (from bright@localhost) by fw.wintelcom.net (8.10.0/8.10.0) id e7SGwqF11244; Mon, 28 Aug 2000 09:58:52 -0700 (PDT) Date: Mon, 28 Aug 2000 09:58:52 -0700 From: Alfred Perlstein To: Rahul Dhesi Cc: freebsd-stable@FreeBSD.ORG Subject: Re: NFS client ignores "read-only" attribute on file Message-ID: <20000828095852.L1209@fw.wintelcom.net> References: <20000828165206.AFA527C57@yellow.rahul.net> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.4i In-Reply-To: <20000828165206.AFA527C57@yellow.rahul.net>; from dhesi@rahul.net on Mon, Aug 28, 2000 at 09:52:06AM -0700 Sender: owner-freebsd-stable@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG * Rahul Dhesi [000828 09:52] wrote: > Allen Landsidel writes: > > >Leaving this responsibility to the client would be loony as all heck, > >considering anyone could then just hack up their own nfs client and use it > >to override file permissions on any server they had a valid user/pass on. > > >From a philosphical perspective, I'm not sure that the above is correct. > NFS was designed to work properly only with trusted clients that are > under the same administrative control as the NFS server. That makes about as much sense as making read-only mounts and maproot into "suggestions" for the clients instead of enforced on the server. Basically, you're wrong. -Alfred To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-stable" in the body of the message