Home page logo
/

bugtraq logo Bugtraq mailing list archives

Re: R. Thomas's NFS question
From: marekm () i17linuxb ists pwr wroc pl (Marek Michalkiewicz)
Date: Wed, 10 May 1995 16:39:58 +0200 (MET DST)


PETER.T.WHITING () sprint sprint com:

    R. Thomas> hostA --> exports /usr/share to -access=hostB 
    R. Thomas> hostB --> a linux box.  re-exports /usr/share to everyone
    R. Thamas> hostC --> not implicitly trusted by hostA, mounts /usr/share
[ ... ]
Not a problem.  Host C gets to look at ***HostB's*** /usr/share - the
one that has HostA's /usr/share mounted over it, not HostA's
/usr/share.  NFS gives you a single hop.  In the above example HostA
could then mount (if perms were granted) HostC's /usr/share and
everything would work.

The NFS server on Linux is a bit different from that on other systems -
hostC will see hostA's /usr/share re-exported.  But this is true only
if nfsd on hostB was started with the -r (--re-export) option.

By default, re-export is disabled and hostC will just see an empty
directory.  This is recommended - otherwise if hostA goes down, nfsd
on hostB will hang because it can only process one request at a time.

The Linux NFS server certainly is not the best one, but it is being
worked on.  If you are still running version 2.0, please upgrade now -
it has serious bugs.  The latest version (maintained by Olaf Kirch)
is 2.2alpha6, available at ftp://linux.nrao.edu/pub/people/okir/nfsd/

Regards,
-- Marek Michalkiewicz <marekm () i17linuxa ists pwr wroc pl>



  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault