Re: NFS exporting

Aggelos D. Keromitis (kermit@ics.forth.gr)
Thu, 14 Apr 1994 17:08:31 +0300

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: Rob Quinn: "Re: NFS exporting"
Previous message: smb@research.att.com: "Re: NFS exporting"
In reply to: Carl Corey: "Re: NFS exporting"
Next in thread: smb@research.att.com: "Re: NFS exporting"

In message <9404140442.AA22725@Princeton.EDU>, Carl Corey writes:
>Now, are we talking exporting writeable to everyone, or _any_ NFS exported
>writeable partition?
>
Just NFS exported writable partition...
The whole purpose of mountd is to give the client who mounts a
 filesystem a valid filehandle of the top directory of that
 filesystem...problem is you can send NFS requests directly to the
 nfsd and try to GUESS a file handle...at that point (nfsd) there is no
 authorization check...

>is this exploitable?  How would it be exploited?  Is there a way to keep
>people from exploiting it (besides not exporting it)?

Well, thats what this discussion's been about so far :-)
I THOUGHT secure RPC was secure...if it was using the algorithms 
 correct, it should be....as it seems, a poor implementation blew this
 up...
-Aggelos

Next message: Rob Quinn: "Re: NFS exporting"
Previous message: smb@research.att.com: "Re: NFS exporting"
In reply to: Carl Corey: "Re: NFS exporting"
Next in thread: smb@research.att.com: "Re: NFS exporting"