Linux could write to read only files on FreeBSD NFS server
Peter Eriksson
pen at lysator.liu.se
Thu Feb 27 22:11:55 UTC 2020
I see that this was a bit unclear, writing to the protected file was via NFS from a Linux (CentOS 7) client. I verified the ACLs and the file content both via NFSv4 and locally on the FreeBSD server.
Writing from an OmniOS (OpenSolaris) client fails. As does a local write. As it should...
Also, it’s not related to ACLs (atleast not directly). Using “chmod” gives the same effect:
> $ rm -f x
> $ touch x
> $ chmod 000 x
> $ ls -l x
> ---------- 1 peter86 employee-liu.se 0 27 feb 22.46 x
> $ echo foo >x
> $ cat x
> cat: x: Permission denied
> $ chmod 600 x
> cat x
> foo
Rick:
Looking at a tcpdump capture of the NFS traffic from the Linux client it seems to be doing:
1. Client -> Server:
V4 Procedure: COMPOUND (1)
SEQUENCE (53)
PUTFH (22)
OPEN (18)
share_access: OPEN4_SHARE_ACCESS_WRITE
open type: OPEN4_NOCREATE
ACCESS (3)
Check: RD MD XT XE
GETATTR (9)
2. Server -> Client:
V4 Procedure: COMPOUND (1)
Status: NFS4_OK
Operations (5):
SEQUENCE (53)
Status: NFS4_OK
PUTFH
Status: NFS4_OK
OPEN
Status: NFS4_OK
ACCESS [Access Denied]
Status: NFS4_OK
GETATTR
Status: NFS4_OK
3. Client -> Server:
V4 Procedure: COMPOUND (1)
Tag: <EMPTY>
Operations:
SEQUENCE (53)
PUTFH (22)
WRITE (38)
Stable: FILE_SYNC4
GETATTR (9)
4. Server -> Client
V4 Procedure: COMPOUND
Tag: <EMPTY>
Operations:
SEQUENCE (53)
Status: NFS4_OK
PUTFH
Status: NFS4_OK
WRITE
Status: NFS4_OK
Committed: FILE_SYNC4
GETATTR
Status: NFS4_OK
(According to Wireshark)
Looks like Linux ignores the Access Denied in packet 2 and just forges ahead, and FreeBSD happily accepts the WRITE in packet 3…
- Peter
> On 27 Feb 2020, at 22:03, Peter Eriksson <pen at lysator.liu.se> wrote:
>
> I can verify that this indeed seems to be the case - the file owner can always write to files, no matter the permissions set.
>
> Tested both locally (on ZFS) and over NFS (from the same directory).
More information about the freebsd-fs
mailing list