[1742] in bugtraq
R. Thomas's NFS question
daemon@ATHENA.MIT.EDU (PETER.T.WHITING@sprint.sprint.com)
Tue May 9 12:43:22 1995
Date: Tue, 9 May 1995 09:13:22 -0400
From: PETER.T.WHITING@sprint.sprint.com
To: bugtraq@fc.net
R. Thomas> hostA --> exports /usr/share to -access=hostB
R. Thomas> hostB --> a linux box. re-exports /usr/share to everyone
R. Thamas> hostC --> not implicitly trusted by hostA, mounts /usr/share
R. Thomas> aside from any security concerns, this would certainly
R. Thomas> thrash your nfsd's. does anyone have any experience
R. Thomas> with this? i have only recently discovered this, and
R. Thomas> have not had time to peruse it in depth.
Not a problem. Host C gets to look at ***HostB's*** /usr/share - the
one that has HostA's /usr/share mounted over it, not HostA's
/usr/share. NFS gives you a single hop. In the above example HostA
could then mount (if perms were granted) HostC's /usr/share and
everything would work.
pete
Peter T. Whiting
12502 Sunrise V Dr
Reston VA, 22096
Phone (703) 689-7963
Fax (703) 689-7506
Email: Peter.T.Whiting@sprint.sprint.com
