Date: Mon, 21 Oct 2002 06:03:32 -0700 (PDT) From: Michael van Elst <mlelstv@dev.de.cw.net> To: freebsd-gnats-submit@FreeBSD.org Subject: kern/44336: NFSv3 client broken - security problem with attribute caching Message-ID: <200210211303.g9LD3Wrg048753@www.freebsd.org>
next in thread | raw e-mail | index | archive | help
>Number: 44336 >Category: kern >Synopsis: NFSv3 client broken - security problem with attribute caching >Confidential: no >Severity: critical >Priority: high >Responsible: freebsd-bugs >State: open >Quarter: >Keywords: >Date-Required: >Class: sw-bug >Submitter-Id: current-users >Arrival-Date: Mon Oct 21 06:10:10 PDT 2002 >Closed-Date: >Last-Modified: >Originator: Michael van Elst >Release: FreeBSD 4.7-STABLE / FreeBSD 5.0-CURRENT >Organization: Cable&Wireless >Environment: FreeBSD dt1.dev.de.cw.net 4.7-STABLE FreeBSD 4.7-STABLE #0: Thu Oct 10 18:20:04 CEST 2002 root@dt1.dev.de.cw.net:/usr/src/sys/compile/DT1 i386 FreeBSD dv2.dev.de.cw.net 5.0-CURRENT FreeBSD 5.0-CURRENT #0: Tue Sep 17 17:25:48 CEST 2002 root@dv2.dev.de.cw.net:/usr/src/sys/i386/compile/DV2 i386 >Description: Effect of chmod(1) is deferred on NFSv3 mounts. >How-To-Repeat: Mount a directory on a NFSv3 server (tested against a NetApp filer and a FreeBSD-4.6-STABLE server) and change to that directory. % touch foo % chmod 644 foo ; echo >> foo % chmod 0 foo ; echo >> foo % chmod 0 foo ; echo >> foo foo: Permission denied. % chmod 644 foo ; echo >> foo % chmod 0 foo ; sleep 2 ; echo >> foo foo: Permission denied Apparently it takes up to two seconds before the chmod becomes effective. Most probable reason: the NFS client uses cached attributes that are not invalidated by chmod(1). Repeating the same with a NFSv2 mount does not exhibit the problem. Repeating the same on NetBSD1.6 and Solaris9 does not exhibit the problem. >Fix: >Release-Note: >Audit-Trail: >Unformatted: To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-bugs" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200210211303.g9LD3Wrg048753>