svn commit: r318262 - head/usr.sbin/mountd

Bruce Evans brde at optusnet.com.au
Sun May 14 03:35:11 UTC 2017 

On Sun, 14 May 2017, Rick Macklem wrote:

> Log:
>  Change the default uid/gid values for nobody/nogroup to 65534/65533.
>
>  The default values found in /etc/passwd and /etc/group are 65534, 65533.
>  In mountd.c, the defaults were -2, which was 65534 back when uid_t was 16bits.
>  Without this patch, a file created by root on an NFS exported volume without
>  the "-root=" export option will end up owned by uid 4**32 - 2.
>  When discussed on freebsd-current@, it seemed that users preferred the
>  values being changed to 65534/65533.

I got used to 4294967294.  The large number makes it easy to see files
created by root on another system.  I mostly use nfs without maproot, and
create such files often using tmp directories to transfer files.

>  I have not added code to acquire these values from the databases, since
>  the mountd daemon might get "stuck" during startup waiting for a non-responsive
>  password database server.
>
>  Discussed on:	freebsd-current
>
> Modified:
>  head/usr.sbin/mountd/mountd.c

exports(5) is not modified, so still documents -2:-2 but not the actual
value of 4294967294:4294967294.  It seems dangerous to change the documented
default.

What happens if the server only supports 16-bit (or 15-bit, or 8-bit) uids?

> Modified: head/usr.sbin/mountd/mountd.c
> ==============================================================================
> --- head/usr.sbin/mountd/mountd.c	Sun May 14 00:23:27 2017	(r318261)
> +++ head/usr.sbin/mountd/mountd.c	Sun May 14 00:38:41 2017	(r318262)
> @@ -230,9 +230,9 @@ static char **exnames;
> static char **hosts = NULL;
> static struct xucred def_anon = {
> 	XUCRED_VERSION,
> -	(uid_t)-2,
> +	(uid_t)65534,
> 	1,
> -	{ (gid_t)-2 },
> +	{ (gid_t)65533 },
> 	NULL
> };
> static int force_v2 = 0;

The casts are now bogus.  They might have been needed to avoid warnings
about possible sign extension bugs...

> @@ -2893,8 +2893,8 @@ parsecred(char *namelist, struct xucred
> 	/*
> 	 * Set up the unprivileged user.
> 	 */
> -	cr->cr_uid = -2;
> -	cr->cr_groups[0] = -2;
> +	cr->cr_uid = 65534;
> +	cr->cr_groups[0] = 65533;
> 	cr->cr_ngroups = 1;
> 	/*
> 	 * Get the user's password table entry.

But there were no casts here, and the warnings should be the same.

Bruce

More information about the svn-src-all mailing list