From: Trond Myklebust <trondmy@hammerspace.com>
To: "bfields@fieldses.org" <bfields@fieldses.org>,
"steved@redhat.com" <steved@redhat.com>
Cc: "linux-nfs@vger.kernel.org" <linux-nfs@vger.kernel.org>,
"bfields@redhat.com" <bfields@redhat.com>
Subject: Re: [PATCH 2/2] mountd: always root squash on the pseudofs
Date: Thu, 3 Dec 2020 00:54:53 +0000 [thread overview]
Message-ID: <c9f91aa0ac98cd132fb212166aba01864c609939.camel@hammerspace.com> (raw)
In-Reply-To: <1606949804-31417-2-git-send-email-bfields@fieldses.org>
On Wed, 2020-12-02 at 17:56 -0500, J. Bruce Fields wrote:
> From: "J. Bruce Fields" <bfields@redhat.com>
>
> As with security flavors and "secure" ports, we tried to code this so
> that pseudofs directories would inherit root squashing from their
> children, but it doesn't really work as coded and I'm not sure it's
> useful.
>
> Just root squash always. If it turns out somebody's exporting
> directories that are only readable by root, I guess we can try to do
> something else here, but frankly that sounds like a pretty weird
> configuration.
>
> Signed-off-by: J. Bruce Fields <bfields@redhat.com>
> ---
> utils/mountd/v4root.c | 2 --
> 1 file changed, 2 deletions(-)
>
> diff --git a/utils/mountd/v4root.c b/utils/mountd/v4root.c
> index 2ac4e87898c0..36543401f296 100644
> --- a/utils/mountd/v4root.c
> +++ b/utils/mountd/v4root.c
> @@ -60,8 +60,6 @@ set_pseudofs_security(struct exportent *pseudo, int
> flags)
> struct flav_info *flav;
> int i;
>
> - if ((flags & NFSEXP_ROOTSQUASH) == 0)
> - pseudo->e_flags &= ~NFSEXP_ROOTSQUASH;
> for (flav = flav_map; flav < flav_map + flav_map_size;
> flav++) {
> struct sec_entry *new;
>
Hmm... What is the harm in allowing root to be unsquashed here? Isn't
this really all about respecting lookup permissions, or could a user
actually modify something in the pseudofs? If the latter, then that
sounds like a bug (the pseudofs should always be read-only).
The consequence of not being able to look up a directory in the
pseudofs is that the NFSv4 client will be completely unable to mount
that subtree, so squashing root could make a major difference.
--
Trond Myklebust
Linux NFS client maintainer, Hammerspace
trond.myklebust@hammerspace.com
next prev parent reply other threads:[~2020-12-03 0:56 UTC|newest]
Thread overview: 8+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-12-02 22:56 [PATCH 1/2] mountd: allow high ports on all pseudofs exports J. Bruce Fields
2020-12-02 22:56 ` [PATCH 2/2] mountd: always root squash on the pseudofs J. Bruce Fields
2020-12-03 0:54 ` Trond Myklebust [this message]
2020-12-03 1:05 ` J. Bruce Fields
2020-12-03 1:14 ` [PATCH 1/2] mountd: allow high ports on all pseudofs exports bfields
2020-12-03 1:14 ` [PATCH 2/2] mountd: never root squash on the pseudofs bfields
2020-12-26 19:32 ` Steve Dickson
2020-12-02 23:03 ` [PATCH 1/2] mountd: allow high ports on all pseudofs exports J. Bruce Fields
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=c9f91aa0ac98cd132fb212166aba01864c609939.camel@hammerspace.com \
--to=trondmy@hammerspace.com \
--cc=bfields@fieldses.org \
--cc=bfields@redhat.com \
--cc=linux-nfs@vger.kernel.org \
--cc=steved@redhat.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).