Path: utzoo!attcan!utgpu!jarvis.csri.toronto.edu!rutgers!mailrus!cornell!uw-beaver!rice!sun-spots-request
From: hedrick@geneva.rutgers.edu (Charles Hedrick)
Newsgroups: comp.sys.sun
Subject: Re: Grrr....exports stupidities under 4.0.1
Keywords: SunOS
Message-ID: <3820@kalliope.rice.edu>
Date: 9 Jun 89 20:05:43 GMT
Sender: usenet@rice.edu
Organization: Sun-Spots
Lines: 26
Approved: Sun-Spots@rice.edu
X-Sun-Spots-Digest: Volume 8, Issue 29, message 1 of 17

From: mende@athos.rutgers.edu (Bob Mende Pie)
>So I want something like
> /dir -ro,rw=myclients

There's a good reason why Sun doesn't allow netgroups in the rw clause.
Every time an RPC request comes in from a client, the kernel has to check
whether it is from a machine that is permitted to have write access. I
think Sun decided that having the kernel look a name up in the netgroups
database would be a bit too much overhead to be done per packet. It's no
problem with access=, because that only has to be checked once, at mount
time. Of course one could cache the results of the lookup, so it might be
practical to use a netgroup for rw=, but the code would certainly be more
complex. There are enough problems in 4.0 already without adding more
complexity.

Actually, as it turns out, the systems Bob Mende is responsible for have
a different solution to the problem, but it's a local Rutgers hack. We
allow

    /dir -rw,access=netgroup
    /dir:2 -ro

that is, separate lines in /etc/export. If you are in the netgroup, you
match the first line and get rw access. If not, you match the second and
get ro access. The system gives the client different file handles at
mount time, so there's no problem telling which kind of system a request
comes from. However, it's not entirely clear that our implementation of
this concept is very secure.
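The two configurations discussed above (the rw=netgroup form Bob asked for, and the two-line Rutgers hack), modelled as an added example that is not from the post or from SunOS. It assumes a constructed netgroup map and a simplified exports grammar: one line per export, first matching line wins, host lists are colon-separated host or netgroup names, and netgroups do not nest.

```python
"""Model what access a client host gets from SunOS 4.0-style exports lines."""

# Constructed netgroup database, standing in for /etc/netgroup or NIS.
NETGROUPS = {"myclients": {"alpha", "beta"}}

# Constructed exports: the form requested in the post, and the Rutgers hack.
WANTED = ["/dir -ro,rw=myclients"]
RUTGERS_HACK = ["/dir -rw,access=myclients", "/dir:2 -ro"]


def in_netgroup(host, name, netgroups=NETGROUPS):
    """True if host is a direct member of the named netgroup."""
    return host in netgroups.get(name, set())


def parse_export(line):
    """Parse '/path -opt,opt=val,...' into (path, {opt: val-or-True})."""
    path, _, opts = line.strip().partition(" ")
    options = {}
    for opt in opts.lstrip("-").split(","):
        if opt:
            key, _, val = opt.partition("=")
            options[key] = val if val else True
    return path, options


def host_matches(host, spec, netgroups=NETGROUPS):
    """A bare option (spec is True) matches every host; otherwise the
    colon-separated list may name hosts or netgroups."""
    if spec is True:
        return True
    return any(e == host or in_netgroup(host, e, netgroups)
               for e in spec.split(":"))


def effective_access(exports, directory, host, netgroups=NETGROUPS):
    """Return 'rw', 'ro' or None (not exported to host) for directory.

    The ':2' suffix of the hack is a second export of the same directory,
    so paths are compared with any ':n' suffix stripped."""
    for line in exports:
        path, opts = parse_export(line)
        if path.split(":")[0] != directory:
            continue
        if "access" in opts and not host_matches(host, opts["access"], netgroups):
            continue  # host may not mount this line at all
        if "rw" in opts and host_matches(host, opts["rw"], netgroups):
            return "rw"
        if "ro" in opts or "rw" in opts:
            return "ro"
    return None
```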