[4459] in Athena Bugs
attach: nfsid -p
daemon@ATHENA.MIT.EDU (John Carr)
Thu Mar 8 04:06:42 1990
To: bugs@ATHENA.MIT.EDU
Date: Thu, 08 Mar 90 04:06:26 EST
From: John Carr <jfc@ATHENA.MIT.EDU>
attach allows any user to run "nfsid -p". This is wrong: one user should
not be able to flush another's mappings. This patch fixes that bug, and
also drops the assumption that UFS filesystems are always supported by
attach.
*** /source/athena/bin.athena/attach/main.c Thu Nov 16 00:06:08 1989
--- main.c Fri Mar 2 01:08:48 1990
***************
*** 229,234 ****
--- 229,238 ----
ops = "unmapped";
break;
case 'p':
+ if (!trusted_user(getuid())) {
+ fprintf(stderr, "nfsid purge is a privileged operation\n");
+ return ERR_NFSIDPERM;
+ }
op = MOUNTPROC_KUIDPURGE;
ops = "mappings purged";
break;
*** /source/athena/bin.athena/attach/attach.h Wed Nov 15 22:41:28 1989
--- attach.h Fri Mar 2 01:09:09 1990
***************
*** 141,147 ****
--- 149,157 ----
int nfs_port; /* Valid only for NFS, port for rpc.mountd */
#endif
union tsa {
+ #ifdef UFS
struct ufs_args ufs;
+ #endif
#ifdef NFS
struct nfs_args nfs;
#endif
***************
*** 226,231 ****
--- 236,242 ----
#define ERR_NFSIDNOTATTACHED 20 /* Filesystem with -f not attached */
#define ERR_NFSIDBADHOST 21 /* Can't resolve hostname */
+ #define ERR_NFSIDPERM 22 /* unauthorized nfsid -p */
#define ERR_ATTACHBADFILSYS 20 /* Bad filesystem name */
#define ERR_ATTACHINUSE 21 /* Filesystem in use by another proc */
