From owner-freebsd-bugs  Sat Jul 21  8: 0:11 2001
Delivered-To: freebsd-bugs@freebsd.org
Received: from math.uic.edu (galois.math.uic.edu [131.193.178.114])
	by hub.freebsd.org (Postfix) with SMTP id 2EC1737B40A
	for <freebsd-bugs@FreeBSD.org>; Sat, 21 Jul 2001 08:00:08 -0700 (PDT)
	(envelope-from vladimir@math.uic.edu)
Received: (qmail 7216 invoked by uid 31415); 21 Jul 2001 14:59:54 -0000
Date: Sat, 21 Jul 2001 09:59:54 -0500
From: "Vladimir V. Egorin" <vladimir@math.uic.edu>
To: mike@FreeBSD.org
Cc: freebsd-bugs@FreeBSD.org
Subject: Re: kern/14712: root has access to NFS mounted directories with maproot=nobody
Message-ID: <20010721095953.A7008@math.uic.edu>
References: <200107210232.f6L2WlC67594@freefall.freebsd.org>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
User-Agent: Mutt/1.2.5i
In-Reply-To: <200107210232.f6L2WlC67594@freefall.freebsd.org>; from mike@FreeBSD.org on Fri, Jul 20, 2001 at 07:32:47PM -0700
Sender: owner-freebsd-bugs@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-bugs.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-bugs>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-bugs>
X-Loop: FreeBSD.org

On Fri, Jul 20, 2001 at 07:32:47PM -0700, mike@FreeBSD.org wrote:
	> Synopsis: root has access to NFS mounted directories with maproot=nobody
	> 
	> State-Changed-From-To: open->feedback
	> State-Changed-By: mike
	> State-Changed-When: Fri Jul 20 19:32:27 PDT 2001
	> State-Changed-Why: 
	> 
	> Does this problem still occur in newer versions of FreeBSD,
	> such as 4.3-RELEASE?
	> 
	> http://www.FreeBSD.org/cgi/query-pr.cgi?pr=14712

The problem is still there:

On the NFS server:
# ls -ld /var/test
drwx--x--x  2 root  wheel  512 Jul 21 09:55 /var/test
# touch /var/test/file

On the NFS server:
/var is shared: (/etc/exports)
/var -maproot=nobody


On the client:

# mount -o vers=3 hopper:/var /mnt
# ls /mnt/test
/mnt/test: Permission denied


# umount /mnt
# mount -o vers=2 hopper:/var /mnt
# ls /mnt/test
file

Please let me know if you need any debugging help.
-- 
Vladimir

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-bugs" in the body of the message