Path: utzoo!utgpu!jarvis.csri.toronto.edu!cs.utexas.edu!uunet!mcsun!unido!tub!fauern!tumuc!guug!ixos!santi
From: santi@ixos.UUCP (Michael Santifaller)
Newsgroups: comp.unix.i386
Subject: Re: questions about ISC 386/ix
Keywords: NFS & floppies, NFS & root, /lib/idcpp
Message-ID: <389@ixos.UUCP>
Date: 10 Jan 90 10:52:20 GMT
References: <42@guug.UUCP>
Reply-To: santi@ixos.UUCP (Michael Santifaller)
Organization: iXOS Software, Munich, West Germany
Lines: 41

In article <42@guug.UUCP> ott@guug.UUCP (Joachim Ott) writes:
>
>1) I'm root on host alpha and enter the following commands:
>
>mount -f NFS beta:/ /mnt
>dd if=/mnt/dev/dsk/f0q15dt
>dd: read error: Permission denied
>(same for cp, tar, /mnt/dev/dsk/f0q15dt is 666-mode)
>In my opinion, the floppy should be part of the mounted filesystem.

First of all, you can't access device files through NFS. Try using
something like
	rsh beta dd if=/dev/dsk/f0q15dt | tar xf -
or
	tar cf - | rsh beta dd of=/dev/dsk/f0q15dt
instead.

>2) Still root, I enter:
>cd /tmp
>>z
>ls -l z
>-rw-r--r--   1 root 	root 	0  Jan	4 19:01 z
>cd /mnt/tmp
>>z
>ls -l z
>-rw-rw-r--   1 65534	other	0  Jan	4 19:01 z
>
>What about that funny user-id and 664-file-mode on host beta ?

The funny user-id is called *nobody*. You are not allowed to access an
NFS server from a process running as *root*. To avoid possible
security problems (of which there still many!) the uid 0 is mapped to
-2 on the server side. Uid's are declared as an *unsigned short*,
therefore the 65534.

The file modes are actually funny, it looks like the clients umask
is not added properly into the file creation modes on the client NFS file
system code. Also, the gid change is quite strange. I honestly do not
believe that the excerpt presented here is complete.

Michael Santifaller