Date: Tue, 10 Apr 2001 00:51:31 +0000 (GMT) From: Terry Lambert <tlambert@primenet.com> To: jhb@FreeBSD.org (John Baldwin) Cc: tlambert@primenet.com (Terry Lambert), rwatson@FreeBSD.org (((Robert Watson))), dillon@earth.backplane.com (((Matt Dillon))), freebsd-arch@FreeBSD.org Subject: Re: Eliminate crget() from nfs kernel code? Message-ID: <200104100051.RAA25363@usr01.primenet.com> In-Reply-To: <XFMail.010409155949.jhb@FreeBSD.org> from "John Baldwin" at Apr 09, 2001 03:59:49 PM
next in thread | previous in thread | raw e-mail | index | archive | help
> > I think that for the NFS case, the best thing to do would be to > > create a persistant "root" credential, and pass that, instead. > > So long as this doesn't give out extra privilege. Of course, you would need to re-mask locally. > > Doing anything else is likely to break somewhere, even if FreeBSD > > never implements client cacheing (NFSv3 permits it over the lifetime > > of a lease; NFSv4 practically demands it to get the best performance). > > I fail to see why using the actual credential from the requesting process > instead of blindly granting root privileges will break client caching. If > anything, I'm inclined to view it the other way around, but that's just me. Because you may be denied access, while I am not denied access, so cacheing the answer is the wrong thing to do. What you really want to cache is the stat information, which can then be checked against your credential locally. To do that, you have to have the necessary rights to get the stat information. Terry Lambert terry@lambert.org --- Any opinions in this posting are my own and not those of my present or previous employers. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-arch" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200104100051.RAA25363>