DragonFly BSD
DragonFly bugs List (threaded) for 2005-10
[Date Prev][Date Next]  [Thread Prev][Thread Next]  [Date Index][Thread Index]

Re: nfs permission escalation?

From: "Simon 'corecode' Schubert" <corecode@xxxxxxxxxxxx>
Date: Sat, 08 Oct 2005 17:44:14 +0200

Matthew Dillon wrote:
:Now if I try to run it as root (again), it suddenly works. I guess that :our namecache isn't aware of the rootsquashing and thus grants access to :the cached vnode.
Yes, this is simply because from the client's point of view,
root is allowed to access everything, while from the server's point
of view, any root cred accesses will be converted to UID -2.

    So if the data is not cached on the client, the request is passed
    to the server and rejected because uid -2 has no access to it.

    But once the data is cached on the client, the client can access
    it as root even if the server would otherwise not allow that.

There are cache timeouts involved here too. Once the attribute
cache times out I'm not sure whether the next root-access will succeed or not... probably not.

Yes, but should we fix it (by querying always?) or is this a common problem for other implementations as well?


Serve - BSD     +++  RENT this banner advert  +++    ASCII Ribbon   /"\
Work - Mac      +++  space for low $$$ NOW!1  +++      Campaign     \ /
Party Enjoy Relax   |   http://dragonflybsd.org      Against  HTML   \
Dude 2c 2 the max   !   http://golden-apple.biz       Mail + News   / \

[Date Prev][Date Next]  [Thread Prev][Thread Next]  [Date Index][Thread Index]