[1754] in bugtraq
Re: and now, back to your regularly scheduled discussion topic...
daemon@ATHENA.MIT.EDU (Philip Guenther)
Wed May 10 03:50:57 1995
To: patrick@oes.amdahl.com (Patrick Horgan)
Cc: bugtraq@fc.net
In-Reply-To: Your message of "Mon, 08 May 1995 12:09:12 +0800."
<9505081909.AA21004@brittany.oes.amdahl.com>
Date: Mon, 08 May 1995 22:49:30 -0500
From: Philip Guenther <guenther@gac.edu>
Patrick Horgan said:
>> and now for something completely different (apologies to M. Python):
>>
>> ObBug: i have recently discovered that it is possible to re-export an
>> imported filesystem under Linux. to illustrate:
>>
>> hostA --> exports /usr/share to -access=hostB
>> hostB --> a linux box. re-exports /usr/share to everyone
>> hostC --> not implicitly trusted by hostA, mounts /usr/share
>>
>> aside from any security concerns, this would certainly thrash your nfsd's.
>> does anyone have any experience with this? i have only recently discovered
>> this, and have not had time to peruse it in depth.
>>
>
>Are you sure about this? Any system using nfs will allow this, but the
>directory they mount from hostB is the mount directory, not the /usr/share
>form hostA.
Ah, but Linux uses a user level nfs server, which does a couple odd
things. Not only will it allow the above, but it exports across
partition boundaries (i.e., if /usr and /usr/local are different
partitions, and you export /usr, /usr/local goes along with it. Most
nfs implementations (All Sun derived?) will give whatever is 'under'
/usr/local instead).
Philip Guenther
guenther@stolaf.edu
