[131] in linux-security and linux-alert archive
Re: SECURITY: NFS Vulnerability
daemon@ATHENA.MIT.EDU (Dane Jasper)
Mon Mar 13 00:39:36 1995
Date: Sun, 12 Mar 95 18:17 PST
From: dane@sonic.net (Dane Jasper)
To: linux-security@tarsier.cv.nrao.edu
Reply-To: linux-security@tarsier.cv.nrao.edu
In article <JUPHOFF.95Mar12123801@tarsier.cv.nrao.edu> you wrote:
: The current Linux NFS server (version 2.0) has a couple of security problems
: some of which have been known for a while and supposedly been fixed a long
: time ago. However, none of the versions I found on the usual FTP sites had
: these fixes incorporated.
I have annother security problem with NFS - but a minor one. Users can
cause denial of service attacks by locking up NFS servers that they have
access to..
mount -t nfs server.edu:/exports/goodies /mnt
mkdir /mnt/another_mountpoint
mount -t nfs server.edu:/exports/goodies /mnt/another_mountpoint
ll /mnt/another_mountpoint
Because NFS is not multithreaded, I think this will fail.. Let me know if
I'm barking up the wrong tree - I get the digest, so I'll see responses.
Can we make NFS multithreaded?
Dane
