Date:      Fri, 20 Jun 2014 20:50:36 +0000
From:      bugzilla-noreply@freebsd.org
To:        freebsd-bugs@FreeBSD.org
Subject:   [Bug 191218] mountd: can't change attributes for XXXXXXX: Invalid radix node head, rn: 0 0xXXXXXXXXXXXXXXX; can still mount path
Message-ID:  <bug-191218-8-vUhQN8XSM8@https.bugs.freebsd.org/bugzilla/>
In-Reply-To: <bug-191218-8@https.bugs.freebsd.org/bugzilla/>
References:  <bug-191218-8@https.bugs.freebsd.org/bugzilla/>

https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=191218

Xin LI <delphij@FreeBSD.org> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |delphij@FreeBSD.org

--- Comment #4 from Xin LI <delphij@FreeBSD.org> ---
(In reply to yaneurabeya from comment #3)
> (In reply to Xin LI from comment #2)
> > Exporting subdirectories of a mountpoint is problematic and this is a well
> > known limitation of the protocol.  I don't consider this as a security issue
> > because the administrator is supposed to know what they are doing.
> 
> The security concern was over the fact that mountd is clearly reporting an
> error in the code, but hiding the fact that it's actually an error; unless
> the administrator is looking for errors from mountd, they have absolutely
> _no_ idea that the path is actually exported.

mountd has (correctly) reported that it was unable to change the export
attributes. We could, of course, use a better error message, but if the
administrator chooses to ignore error messages, there is nothing we can do about
it.

Also, exporting subdirectories just plain doesn't work because the NFS client
can still request anything in the mountpoint.  A properly implemented client does
not allow it, but an attacker does not have to use a properly implemented one.
This is well known and relying on this security model is just plain wrong.

-- 
You are receiving this mail because:
You are the assignee for the bug.
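
An added example, not part of the original message or of FreeBSD's code: an audit helper that flags exports(5) entries whose directory is not itself a mountpoint, which is the configuration the comment above says cannot confine clients. The function names, the simplified parsing (no escaped spaces in paths) and the sample data are assumptions made for illustration.

```python
import os

def exported_dirs(exports_text):
    """Yield (line_no, directory) for each directory named in exports(5) text."""
    logical, start = "", None
    for no, raw in enumerate(exports_text.splitlines(), 1):
        line = raw.split("#", 1)[0].rstrip()      # drop comments
        if start is None:
            start = no                            # first physical line of the entry
        if line.endswith("\\"):                   # backslash continues the entry
            logical += line[:-1] + " "
            continue
        fields = (logical + line).split()
        begin, logical, start = start, "", None
        if not fields or fields[0].startswith("V4:"):
            continue                              # blank line or NFSv4 root line
        for field in fields:
            if not field.startswith("/"):
                break                             # first option or host ends the list
            yield begin, field

def subdirectory_exports(exports_text, is_mountpoint=os.path.ismount):
    """Return exported directories that are not filesystem roots.

    The export attributes apply to the whole filesystem, so these entries
    should be reviewed as if the containing mountpoint were exported.
    """
    return [(no, d) for no, d in exported_dirs(exports_text)
            if not is_mountpoint(os.path.normpath(d))]

# Constructed sample input and mount table (not taken from the bug report).
SAMPLE_EXPORTS = """\
# constructed sample
/export/data -maproot=root 192.0.2.10
/usr/src /usr/ports \\
    -ro -network 198.51.100.0/24
V4: /export -sec=sys
"""
SAMPLE_MOUNTS = {"/", "/usr", "/export/data"}

if __name__ == "__main__":
    for no, d in subdirectory_exports(SAMPLE_EXPORTS, SAMPLE_MOUNTS.__contains__):
        print(f"line {no}: {d} is not a mountpoint; treat its whole filesystem as exported")
```

On a live server, pass the contents of the exports file and leave `is_mountpoint` at its default so the check uses the real mount table.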


