[9873] in Athena Bugs
decmips 7.4G: NFS
daemon@ATHENA.MIT.EDU (Calvin Clark)
Wed Sep 9 16:02:43 1992
Date: Wed, 9 Sep 92 16:02:32 -0400
From: Calvin Clark <ckclark@mit.edu>
To: bugs@Athena.MIT.EDU
Reply-To: ckclark@mit.edu
System name: w20-575-64
Type and version: KN02ca 7.4G
Display type: PMAG-DV
What were you trying to do?
Flush my mappings to the NFS server jason.
What's wrong:
Flushing my mappings with nfsid -unmap jason (as myself) or
nfsid -purge jason (as root) only removes my write access, *not* my read
access to protected files. Read access remains until the locker is
unmounted (e.g., with detach.) This is a not a reference counter
problem, as I have executed the unmap and purge several times while
testing this bug.
What should have happened:
An NFS server should not trust uid x on host y when there are no
corresponding Kerberos mappings. It shouldn't "just sort of" trust it,
and let you read until the filesystem is unmounted. All or nothing.
Black or white. 1 or 0. Fuzzy set theory doesn't apply to system
development. But I spin my wheels, because NFS security is an issue of
the past, of course.
Please describe any relevant documentation references:
fsid(1)
