Newsgroups: comp.protocols.nfs Path: utzoo!utgpu!news-server.csri.toronto.edu!rpi!think.com!snorkelwacker.mit.edu!ira.uka.de!!krey From: krey@ira.uka.de (Andreas Krey) Subject: Re: Why not export /fs /fs/subdir? Message-ID: <1991Jun26.083340.16200@ira.uka.de> Sender: krey@i30fs1 (Andreas Krey) Organization: University of Karlsruhe, FRG References: <1991Jun18.040038.15141@Think.COM> Date: Wed, 26 Jun 1991 08:33:40 GMT Lines: 58 In article , droms@regulus.bucknell.edu (Ralph E. Droms) writes: |> In article <10284@star.cs.vu.nl> sater@cs.vu.nl (Hans van Staveren) writes: |> > |> >Have you tried this anywhere and had it give you access to |> >other filesystems? I'd call systems like that "broken". |> > |> >Rob T |> |> We have tried it. I can assure you that at least SunOs 4.1.1 NFS servers |> are broken in the sense you call it. |> |> Perhaps Rob T and I are not talking about the same situation. Suppose |> I have the following filesystem subtree on an NFS server S (where '*' |> is some arbitrary path): |> |> * |> / \ |> / \ |> A B |> |> and the export list on S: |> |> */A -access=A |> */B -access=B |> |> I can handcraft a program that issues NFS requests (through callrpc) |> from A to do: |> |> fh = mount("*/A"); |> fh = lookup(fh, ".."); |> fh = lookup(fh, "B"); |> fh = lookup(fh, "bar"); |> result = read(fh, buf); |> |> buf now contains the contents of "*/B/bar", although A has not mounted |> and S has explicitly exported "*/B" to be inaccessible to client A. |> |> This experiment was run on between a Sun 4/20 client and a Sun 3/160 |> client, both running SunOS 4.1 (*not* 4.1.1). |> |> The exported file system information is managed by the mount daemon |> and protocol. How would the NFS server learn of that information? |> |> -- |> - Ralph Droms Computer Science Department |> droms@bucknell.edu 323 Dana Engineering |> Bucknell University |> (717) 524-1145 Lewisburg, PA 17837 Important addition: On the server, A, B, and the directory named '*' must be on the same disk partition. NFS only does lookups within a single disk filesystem, so it always exports a full DISK filesystem even if the mount point is not the root of that filesystem. -- Andy 4/1/91 is gone and 4/1/92 yet to come. Applies to this article.