NLM uses AUTH_SYS ignoring sec option in mount_nfs
Andrey Simonenko
simon at comsys.ntu-kpi.kiev.ua
Thu May 24 11:47:04 UTC 2012
Hello,
Looks like that NLM always uses AUTH_SYS even if a client specified
another security flavor in the mount_nfs's "sec" option. Also NLM
on the server does not verify that NLM client's security flavor
is allowed by NFS exported file system, security flavors array from
VFS_CHECKEXP() is ignored in nlm/nlm_prot_impl.c:nlm_get_vfs_state().
Such behaviour of NLM I see on 10-CURRENT, I added log messages to
the kernel to see security flavors used by NFSv3 and NLM requests.
Both NFS client and server are on the same system, NFSv3 mounts are
from unprivileged users.
According to [1] NLMv4 allows to use different security flavors.
Can somebody comment such behaviour of NLM?
[1] http://pubs.opengroup.org/onlinepubs/9629799/chap14.htm
More information about the freebsd-fs
mailing list