Subject: Re: NFS access, was UBC...
To: None <>
From: Thor Lancelot Simon <>
List: tech-kern
Date: 12/08/2003 12:02:07
On Mon, Dec 08, 2003 at 11:31:49AM -0500, wrote:
> - For AUTH_GSS, I think it should probably use the authenticator for the
>   current client uid. (I could see an argument for using the authenticator
>   used for Open for V4, but since this isn't specified in the RFC, I think
>   it is, at best, a fallback, if the client uid authenticator gets
>   NFSERR_ACCES. I am an old-fashioned guy, so I still spell access with one
>   S:-)

If you don't use the same credentials used for the open() -- or, at
least, credentials with at _least_ the same rights to the file, as in
the AUTH_UNIX hack we're discussing -- you'll end up violating Unix
semantics on the client side, which is unfortunate and will cause program
misbehaviour.  The one gotcha is that when using a gross hack like we do
for AUTH_UNIX, one needs to be careful not to allow _more_ rights than
were allowed at open() time, lest one create a security problem that can
be exploited by opening a file the owner doesn't have write permission
to, for example, then using that descriptor to write it after the open.

 Thor Lancelot Simon	                            
   But as he knew no bad language, he had called him all the names of common
 objects that he could think of, and had screamed: "You lamp!  You towel!  You
 plate!" and so on.              --Sigmund Freud
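
Added example, not part of the original message: a small C program showing the local Unix semantics discussed above, which an NFS client has to reproduce. Rights are decided at open() time, so an existing descriptor keeps working after the file's mode is revoked, and a descriptor never grants more than the open() did. The function names and the scratch file under /tmp are assumptions made for the illustration.

```c
#define _POSIX_C_SOURCE 200809L
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/stat.h>
#include <unistd.h>

/* Create a scratch file (constructed sample data, mode 0600 via mkstemp). */
static int make_scratch(char *path, size_t len)
{
    snprintf(path, len, "/tmp/openperm.XXXXXX");
    int fd = mkstemp(path);
    if (fd < 0) return -1;
    if (write(fd, "data", 4) != 4) { close(fd); unlink(path); return -1; }
    return close(fd);
}

/* Permission is checked at open(): after chmod 000 the descriptor that is
 * already open must still be able to read. Returns 1 if the read succeeded. */
int read_survives_chmod(void)
{
    char path[64], buf[4];
    if (make_scratch(path, sizeof path) < 0) return -1;
    int fd = open(path, O_RDONLY);
    if (fd < 0) { unlink(path); return -1; }
    int ok = chmod(path, 0) == 0 && read(fd, buf, 4) == 4 &&
             memcmp(buf, "data", 4) == 0;
    close(fd); unlink(path);
    return ok;
}

/* The descriptor carries no more than was granted at open(): the file mode
 * (0600) and the caller's credentials would allow a write, but the descriptor
 * was opened O_RDONLY. Returns errno from write(), or 0 if it succeeded. */
int write_errno_on_rdonly_fd(void)
{
    char path[64];
    if (make_scratch(path, sizeof path) < 0) return -1;
    int fd = open(path, O_RDONLY);
    if (fd < 0) { unlink(path); return -1; }
    int err = write(fd, "x", 1) < 0 ? errno : 0;
    close(fd); unlink(path);
    return err;
}

int main(void)
{
    printf("read after chmod 000: %s\n", read_survives_chmod() == 1 ? "ok" : "failed");
    printf("write on O_RDONLY fd: %s\n", strerror(write_errno_on_rdonly_fd()));
    return 0;
}
```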