[3412] in Athena Bugs
attach
daemon@ATHENA.MIT.EDU (probe@ATHENA.MIT.EDU)
Fri Oct 13 07:13:39 1989
From: probe@ATHENA.MIT.EDU
Date: Fri, 13 Oct 89 07:13:23 -0400
To: bugs@ATHENA.MIT.EDU
Reply-To: Richard Basch <probe@ATHENA.MIT.EDU>
I have fixes for all of the following problems (the first two have been
reported before):
1) attach does not reset the error flag and continue with a read-only
mount if it receives an error from AUTH_TOO_WEAK error from the
rpc.mountd on the server. This problem will affect clients trying to
get to filesystems, such as X11R3, on fascist servers, such as AENEAS.
For now, AENEAS is running a special rpc.mountd, whose sources no longer
exist (well, I did it as a compatibility for per-filesystem fascism and
I was going to remove the compatible rpc.mountd for the 6.3B release,
but the release was broken).
2) attach does not remove directories in lieu of placing a symlink for
an AFS filesystem. The problem stems from the fact that it is running
with an effective uid of the user at the time that it is trying to
perform the rmdir().
*** NEW ***
3) If the Hesiod information for an AFS filesystem changes and a symlink
is left on the machine, attach does not remove the symlink. Though this
might be considered good for security reasons, it can also be bad if
Hesiod does change. The security problems are actually solved by
disallowing certain mountpoints in attach.conf, therefore this "safety"
test should not be performed. I would recommend a much more "fascist"
attach.conf be put on the workstations to prevent possible problems.
Specifically, all the directories containing binaries on the local
workstation should be disallowed. If this is not done, then it is
possible to destroy the symlinks to the RVDs.
-Richard
