[235] in linux-security and linux-alert archive
Re: linux nfsd
daemon@ATHENA.MIT.EDU (Aleph One)
Tue May 16 04:08:28 1995
Date: Wed, 10 May 1995 18:46:39 -0500 (CDT)
From: Aleph One <aleph1@dfw.net>
To: alex <alex@bach.cis.temple.edu>
Cc: linux-security@tarsier.cv.nrao.edu
In-Reply-To: <Pine.LNX.3.91.950510191946.7957E-100000@bach.cis.temple.edu>
Actually it is againts the NFS especification adn if not done right can
cause server lockups. But anyway I just found that linux does not do it
by default, you need to use the -r option to have it do it.
a1
On Wed, 10 May 1995, alex wrote:
> I do not think that there's a security problem here. When hostA exports
> /usr/share to hostB /usr/share becomes a part of hostB's filesystem. Now
> this is not of hostA's business to know/limit what hostB does to parts of
> its filesystem.
[Moderator's FYI, from the man-page on nfsd(8):
-r or --re-export
Allow imported NFS file-systems to be exported.
This can be used to turn a machine into an NFS mul-
tiplier. Caution should be used when re-exporting
loopback NFS mounts because re-entering the mount
point will result in deadlock between the NFS
client and the NFS server.
--Jeff.]
