Path: utzoo!utgpu!news-server.csri.toronto.edu!cs.utexas.edu!swrinde!mips!sgi!dana@tread.wpd.sgi.com
From: dana@tread.wpd.sgi.com (Dana Treadwell)
Newsgroups: comp.sys.sgi
Subject: Potential data loss due to bug in SunOS 4.1 NFS server
Message-ID: <102164@sgi.sgi.com>
Date: 7 May 91 20:41:33 GMT
Sender: guest@sgi.sgi.com
Lines: 16
Cc: artibee@tread.wpd.sgi.com, jweldon@tread.wpd.sgi.com,
        nina@tread.wpd.sgi.com

No kidding:

Sun introduced a bug in their SunOS 4.1 NFS server code (that is still present
in 4.1.1) which allows *any* client to change a file's size, with or without
permission to do so. This opens the door to file corruption/data loss on the
server. For instance, for some non-Sun NFS clients, if a user running as root
on the client tries to write to a file for which (s)he doesn't have write
permission, the file will be truncated to 0 bytes on the Sun server.

If you have an IRIS NFS client using a Sun running 4.1(.1) as an NFS server,
I strongly advise you to contact Sun for their patch. The bug is in Sun's
database as #1045536 and/or #1058798. In the meantime, you might want to
export all filesystems 'ro' on your Sun(s).

    Dana
    dana@sgi.com