From: Trond Myklebust <trond.myklebust@fys.uio.no>
To: Jesse Pollard <jesse@cats-chateau.net>
Cc: Stephan von Krawczynski <skraw@ithnet.com>,
root@chaos.analogic.com, helgehaf@aitel.hist.no,
linux-kernel@vger.kernel.org
Subject: Re: FS: hardlinks on directories
Date: 05 Aug 2003 17:44:06 +0200 [thread overview]
Message-ID: <shsk79s6reh.fsf@charged.uio.no> (raw)
In-Reply-To: <03080510020503.05972@tabby>
>>>>> " " == Jesse Pollard <jesse@cats-chateau.net> writes:
> You do have to remember that any NFS export gives IMPLICIT
> access to the entire filesystem (it is the device number that
> is actually exported). If the attacker can generate
> device:inode number, then that file reference can be opened. I
> haven't read/seen anything yet that has said different.
Not entirely true. The default under Linux is to enable subtree
checks. This means that knfsd must establish that the file being
accessed lies within a subtree the head of which is the export point.
This wreaks havoc with cross-directory renames etc, so a lot of people
disable it, however it is a slightly safer default...
Of course if you start playing with the idea of hard linked
directories then subtree checks are no longer an option as the path
connecting an export point and the file is no longer guaranteed to be
unique (and some paths may not even be finite).
Cheers,
Trond
next prev parent reply other threads:[~2003-08-05 15:44 UTC|newest]
Thread overview: 79+ messages / expand[flat|nested] mbox.gz Atom feed top
2003-08-04 12:15 FS: hardlinks on directories Stephan von Krawczynski
2003-08-04 12:45 ` Måns Rullgård
2003-08-04 13:22 ` Stephan von Krawczynski
2003-08-04 13:37 ` Christian Reichert
2003-08-04 13:44 ` Stephan von Krawczynski
2003-08-04 14:22 ` Christian Reichert
2003-08-04 15:31 ` Jeff Muizelaar
2003-08-04 16:15 ` Stephan von Krawczynski
2003-08-05 2:45 ` Neil Brown
2003-08-05 9:41 ` Stephan von Krawczynski
2003-08-06 1:12 ` Neil Brown
2003-08-06 10:14 ` Stephan von Krawczynski
2003-08-07 2:27 ` Neil Brown
2003-08-04 12:47 ` Nikita Danilov
2003-08-04 13:32 ` Stephan von Krawczynski
2003-08-04 13:44 ` Andries Brouwer
2003-08-04 13:56 ` Stephan von Krawczynski
2003-08-04 14:04 ` Anton Altaparmakov
2003-08-04 14:50 ` Stephan von Krawczynski
2003-08-04 20:03 ` Olivier Galibert
2003-08-04 21:16 ` Jesse Pollard
2003-08-04 23:34 ` Stephan von Krawczynski
2003-08-05 14:20 ` Jesse Pollard
2003-08-05 14:44 ` Stephan von Krawczynski
2003-08-04 22:58 ` Andrew Pimlott
2003-08-05 0:19 ` Stephan von Krawczynski
2003-08-05 1:18 ` Andrew Pimlott
2003-08-05 8:04 ` Stephan von Krawczynski
2003-08-05 11:18 ` Wakko Warner
2003-08-04 14:33 ` Jesse Pollard
2003-08-04 15:05 ` Stephan von Krawczynski
2003-08-04 15:57 ` Richard B. Johnson
2003-08-04 21:23 ` Jesse Pollard
2003-08-04 16:11 ` Adam Sampson
2003-08-04 17:00 ` Hans Reiser
2003-08-04 17:18 ` Sean Neakums
2003-08-05 4:53 ` jw schultz
2003-08-04 18:50 ` jlnance
2003-08-04 21:09 ` Jesse Pollard
2003-08-04 22:13 ` Stephan von Krawczynski
2003-08-04 22:32 ` Stephan von Krawczynski
2003-08-04 23:00 ` Randolph Bentson
2003-08-05 0:10 ` Stephan von Krawczynski
2003-08-05 2:09 ` Edgar Toernig
2003-08-05 8:05 ` Stephan von Krawczynski
2003-08-05 12:51 ` Helge Hafting
2003-08-05 13:03 ` Stephan von Krawczynski
2003-08-05 13:13 ` Bernd Petrovitsch
2003-08-05 13:39 ` Stephan von Krawczynski
2003-08-05 13:36 ` Richard B. Johnson
2003-08-05 14:04 ` Stephan von Krawczynski
2003-08-05 14:57 ` Richard B. Johnson
2003-08-05 15:08 ` Stephan von Krawczynski
2003-08-05 15:02 ` Jesse Pollard
2003-08-05 15:12 ` Stephan von Krawczynski
2003-08-05 15:44 ` Trond Myklebust [this message]
2003-08-05 14:56 ` Jesse Pollard
2003-08-05 22:08 ` Helge Hafting
2003-08-24 17:35 ` Hans Reiser
2003-08-24 19:02 ` Helge Hafting
2003-08-25 8:27 ` Nikita Danilov
2003-08-25 15:48 ` Hans Reiser
2003-08-05 14:12 ` Jesse Pollard
2003-08-05 14:21 ` Stephan von Krawczynski
2003-08-05 15:53 ` Herbert Pötzl
2003-08-04 20:47 ` Jan Harkes
2003-08-04 15:42 ` Brian Pawlowski
2003-08-04 15:56 ` Stephan von Krawczynski
2003-08-04 16:16 ` Herbert Pötzl
2003-08-04 16:35 ` Stephan von Krawczynski
2003-08-04 16:54 ` Herbert Pötzl
2003-08-04 17:18 ` Stephan von Krawczynski
2003-08-04 17:25 ` Herbert Pötzl
2003-08-04 21:38 ` Jesse Pollard
2003-08-05 0:06 ` Stephan von Krawczynski
2003-08-05 3:11 ` Neil Brown
2003-08-04 21:29 ` Jesse Pollard
2003-08-04 23:42 ` Stephan von Krawczynski
2003-08-05 16:46 ` viro
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=shsk79s6reh.fsf@charged.uio.no \
--to=trond.myklebust@fys.uio.no \
--cc=helgehaf@aitel.hist.no \
--cc=jesse@cats-chateau.net \
--cc=linux-kernel@vger.kernel.org \
--cc=root@chaos.analogic.com \
--cc=skraw@ithnet.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).