>Number:         14236
>Category:       misc
>Synopsis:       Netbooting tutorial contains incorrect NFS information about FreeBSD
>Confidential:   no
>Severity:       non-critical
>Priority:       low
>Responsible:    misc-bug-people
>State:          open
>Class:          doc-bug
>Submitter-Id:   net
>Arrival-Date:   Sat Oct 13 02:32:00 PDT 2001
>Closed-Date:
>Last-Modified:
>Originator:     Kris Kennaway
>Release:        
>Organization:
>Environment:
>Description:
The webpage http://www.netbsd.org/Documentation/network/netboot/nfs.html contains information about NFS on FreeBSD which is out of date.  At least in FreeBSD 4.x the /etc/exports file can contain subdirectories which are not a filesystem root, just like NetBSD.

It might also be worth mentioning that under *BSD, even if you specify a subdirectory, a malicious client can still obtain access to the entire filesystem, because the NFS server on *BSD doesn't limit access requests to the subdirectory which was actually exported.
>How-To-Repeat:

>Fix:
Remove the first paragraph under "FreeBSD" (``FreeBSD deals with exporting filesystems a little differently than most other platforms....''), correct the example /etc/exports line to contain the exact paths (similar to the NetBSD example), and optionally include a blurb at the top of the file about this not actually limiting client access to those subdirectories, under (at least) the BSD operating systems.
>Release-Note:
>Audit-Trail:
>Unformatted: