On Tue, Apr 12, 2005 at 17:13:03 +0100, Jamie Lokier wrote: > Miklos Szeredi wrote: > > > Note that NFS checks the permissions on _both_ the client and server, > > > for a reason. > > > > Does it? If I read the code correctly the client checks credentials > > supplied by the server (or cached). But the server does the actual > > checking of permissions. > > > > Am I missing something? > > Yes, for NFSv2, this test in nfs_permssion(): > > if (!NFS_PROTO(inode)->access) > goto out; > > And for either version of NFS, if the uid and gid are non-zero, and > the permission bits indicate that an access is permitted, then the > client does not consult the server for permission. ... but that clearly says that it checks the permissions on *either* cleint *or* server. Not all requests are passed to the server and there the client only checks the permission bits, even if the credentials are different than what was originally used to obtain the information. ------------------------------------------------------------------------------- Jan 'Bulb' Hudec <[email protected]>
Attachment:
signature.asc
Description: Digital signature
- References:
- Re: [RFC] FUSE permission modell (Was: fuse review bits)
- From: Miklos Szeredi <[email protected]>
- Re: [RFC] FUSE permission modell (Was: fuse review bits)
- From: Daniel Jacobowitz <[email protected]>
- Re: [RFC] FUSE permission modell (Was: fuse review bits)
- From: Miklos Szeredi <[email protected]>
- Re: [RFC] FUSE permission modell (Was: fuse review bits)
- From: Daniel Jacobowitz <[email protected]>
- Re: [RFC] FUSE permission modell (Was: fuse review bits)
- From: Miklos Szeredi <[email protected]>
- Re: [RFC] FUSE permission modell (Was: fuse review bits)
- From: Daniel Jacobowitz <[email protected]>
- Re: [RFC] FUSE permission modell (Was: fuse review bits)
- From: Miklos Szeredi <[email protected]>
- Re: [RFC] FUSE permission modell (Was: fuse review bits)
- From: Jamie Lokier <[email protected]>
- Re: [RFC] FUSE permission modell (Was: fuse review bits)
- From: Miklos Szeredi <[email protected]>
- Re: [RFC] FUSE permission modell (Was: fuse review bits)
- From: Jamie Lokier <[email protected]>
- Re: [RFC] FUSE permission modell (Was: fuse review bits)
- Prev by Date: [patch 072/198] x86_64: Use a VMA for the 32bit vsyscall
- Next by Date: Re: [RFC] FUSE permission modell (Was: fuse review bits)
- Previous by thread: Re: [RFC] FUSE permission modell (Was: fuse review bits)
- Next by thread: Re: [RFC] FUSE permission modell (Was: fuse review bits)
- Index(es):