[prev in list] [next in list] [prev in thread] [next in thread]
List: freebsd-fs
Subject: Re: RFC: don't allow any access to unexported mounts for NFSv4
From: Rick Macklem <rmacklem () uoguelph ! ca>
Date: 2011-06-18 22:18:44
Message-ID: 1829558003.762155.1308435524848.JavaMail.root () erie ! cs ! uoguelph ! ca
[Download RAW message or body]
> On Fri, 17 Jun 2011 11:41:24 -0400 (EDT) Rick Macklem
> <rmacklem@uoguelph.ca> wrote:
>
> > > The workarounds you propose contradict everything people are used
> > > to. They are not easy or you need to care what you put in the
> > > parent
> > > directories of the one you want to export. It basically means that
> > > you can only use NFSv4 on newly setup systems, upgraded or
> > > migrated
> > > ones look out of the question (yes, I'm over-simplificating a
> > > bit).
> > >
> > > I really hope someone can come up with a fix for this, else it
> > > would
> > > mean I would not use NFSv4 anywhere.
> > >
> > Ok, can I assume that's a vote for "leave the hack in"?
>
> If the pain to let the hack in is not too big: yes, please let it in.
>
No pain at all. I just wanted to check to see what people thought of it.
(I can easily add the Access case for Linux mounts and also a small patch
that disallows lookups of regular files. With this, all clients can do is
lookup dirs and get their attributes and access info. Neither Read nor
Readdir are allowed, so clients must know/guess names.)
Thanks for the input, rick
_______________________________________________
freebsd-fs@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-fs
To unsubscribe, send any mail to "freebsd-fs-unsubscribe@freebsd.org"
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic