RFC: don't allow any access to unexported mounts for NFSv4
Rick Macklem
rmacklem at uoguelph.ca
Sat Jun 18 22:18:46 UTC 2011
> On Fri, 17 Jun 2011 11:41:24 -0400 (EDT) Rick Macklem
> <rmacklem at uoguelph.ca> wrote:
>
> > > The workarounds you propose contradict everything people are used
> > > to. They are not easy or you need to care what you put in the
> > > parent
> > > directories of the one you want to export. It basically means that
> > > you can only use NFSv4 on newly setup systems, upgraded or
> > > migrated
> > > ones look out of the question (yes, I'm over-simplificating a
> > > bit).
> > >
> > > I really hope someone can come up with a fix for this, else it
> > > would
> > > mean I would not use NFSv4 anywhere.
> > >
> > Ok, can I assume that's a vote for "leave the hack in"?
>
> If the pain to let the hack in is not too big: yes, please let it in.
>
No pain at all. I just wanted to check to see what people thought of it.
(I can easily add the Access case for Linux mounts and also a small patch
that disallows lookups of regular files. With this, all clients can do is
lookup dirs and get their attributes and access info. Neither Read nor
Readdir are allowed, so clients must know/guess names.)
Thanks for the input, rick
More information about the freebsd-fs
mailing list