From owner-freebsd-current  Sat Dec 15  0:31:55 2001
Delivered-To: freebsd-current@freebsd.org
Received: from avocet.prod.itd.earthlink.net (avocet.mail.pas.earthlink.net [207.217.120.50])
	by hub.freebsd.org (Postfix) with ESMTP
	id 4598537B42C; Sat, 15 Dec 2001 00:31:49 -0800 (PST)
Received: from pool0029.cvx22-bradley.dialup.earthlink.net ([209.179.198.29] helo=mindspring.com)
	by avocet.prod.itd.earthlink.net with esmtp (Exim 3.33 #1)
	id 16FAEW-0000Me-00; Sat, 15 Dec 2001 00:31:48 -0800
Message-ID: <3C1B0A76.21F0D4EE@mindspring.com>
Date: Sat, 15 Dec 2001 00:31:50 -0800
From: Terry Lambert <tlambert2@mindspring.com>
X-Mailer: Mozilla 4.7 [en]C-CCK-MCD {Sony}  (Win98; U)
X-Accept-Language: en
MIME-Version: 1.0
To: obrien@freebsd.org
Cc: Ian Dowse <iedowse@maths.tcd.ie>, current@freebsd.org
Subject: Re: mountd(8) leaving filesystems exported
References: <200112150034.aa63895@salmon.maths.tcd.ie> <3C1AEB07.5FE66AD7@mindspring.com> <20011215002501.B27029@dragon.nuxi.com>
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Sender: owner-freebsd-current@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-current.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-current>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-current>
X-Loop: FreeBSD.ORG

David O'Brien wrote:
> On Fri, Dec 14, 2001 at 10:17:43PM -0800, Terry Lambert wrote:
> > The problem is that the exported FSs exports are managed in the
> > per FS mount code, and they really ought to be managed in higher
> > level code (above the VFS layer, but still in the kernel).
> >
> > This is incidently what prevents us from having a SunOS-like
> 
> And why we cannot export to parallel directories of a file system.
> This limitation is actually a security concern as one ends up exporting
> the parent and thus exposes more of the filesystem across the network.

As a security thing, it cuts both ways; it really depends on your
policy basis.

In general, this is handled by adding an option to the mountd to
only export whole FSs, to get around the cut the other direction
(I think this is "-subdirs" on SunOS, but it has been over a year
since I powered up my SPARC box).

The other nice thing about handling it in the upper layers is that,
doing what you want to do, you can put different directories of the
same FS into different netgroups and/or export the main as read-only
with a subdirectory as read-write.

The one caveat here is that the server won't distinguish these,
except on handle, so exclusion group protections on the directory
containing the read/write mount point won't prevent read/write by
other users, unless you cons up a handle (you should have to do
this anyway, but it will require a little client work to get it
going; in any case, such security is always defeatable with raw
wire access).

-- Terry

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-current" in the body of the message