[PATCH] NFS server subtree_check returns dubious value

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Hi.

Attached is a patch which addresses a problem found when a Linux NFS server
uses the "subtree_check" export option.

The "subtree_check" NFS export option was designed to prohibit a client from
using a file handle for which it should not have permission.  The algorithm
used is to ensure that the entire path to the file being referenced is
accessible to the user attempting to use the file handle.  If some part of
the path is not accessible, then the operation is aborted and the appropriate
version of ESTALE is returned to the NFS client.

The error, ESTALE, is unfortunate in that it causes NFS clients to make
certain assumptions about the continued existence of the file.  They assume
that the file no longer exists and refuse to attempt to access it again.
In this case, the file really does exist, but access was denied by the
server for a particular user.

A better error to return would be an EACCES sort of error.  This would
inform the client that the particular operation that it was attempting
was not allowed, without the nasty side effects of the ESTALE error.

   Thanx...

      ps

Signed-off-by: Peter Staubach <[email protected]>
--- linux-2.6.16.x86_64/fs/exportfs/expfs.c.org
+++ linux-2.6.16.x86_64/fs/exportfs/expfs.c
@@ -102,7 +102,7 @@ find_exported_dentry(struct super_block 
 		if (acceptable(context, result))
 			return result;
 		if (S_ISDIR(result->d_inode->i_mode)) {
-			/* there is no other dentry, so fail */
+			err = -EACCES;
 			goto err_result;
 		}
 

[Index of Archives]     [Kernel Newbies]     [Netfilter]     [Bugtraq]     [Photo]     [Stuff]     [Gimp]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Video 4 Linux]     [Linux for the blind]     [Linux Resources]
  Powered by Linux