NFS inconsistent with hard links

NFS inconsistent with hard links

Post by Alexander Kotopouli » Fri, 14 Jun 1996 04:00:00



Hi,

I have a Linux machine installed as a NFS server, but accessing the
exported filesystems from other UNIX machines is inconsistent. The best
reproducable error is that making hard links is not possible most of the
time. For example "ln test test2" on a nfs-mounted directory returns
"ln: cannot create link test2: Permission denied". This happens
randomly, but 80% of the time this error occurs.
I'm running on a plain installation of Slackware 3.0, the error happens
with kernels 1.3.69, 1.3.98 and 2.0.0. When I use the original kernel
1.2.13, nothing happens. I need the new kernels for supporting my 2940uw
and my SMC 8432 Network card.
Did I do something wrong, do I have to recompile something else beside
the kernel, do I need new nfsd, libc.so or other parts? I got nfsd 2.2
which was even worse.
(Error occured on 486/100 and Pentium/100, EIDE and Adaptec 2940uw, 3COM
3C509 and SMC 8432.)

Thank you for any hints, this bug is driving me mad,

    alex :-)

--
======================================================================
       / \                               Alexander Kotopoulis
      /   \                              Software Engineer
     /     \                             Phone:  (408) 369-6635
     \ Black & White Software, Inc.      Fax:    (408) 369-7406

       \ /                               WWW: http://www.blackwhite.com
                  2155 South Bascom Ave. Suite 210 Campbell, CA 95008
=======================================================================

 
 
 

1. NFS and Linux: are hard links a problem?

Greetings,

We have a nice Solaris file server with which we want to allow NFS
exporting to grad student Linux boxes.  We intend to employ "root
squashing" and export single accounts to single Linux boxes (only George's
files are NFS exported to George's Linux box).

I am told that this is done quite commonly.  We assume grad students are
fairly trustworthy.

Someone suggested that this might be a significant security hole because a
user on the server could create a hard link in their homedir to any file
they can "get to", whether or not they have read permission on the file
itself.  They could then log on to their linux box and read or alter such a
file.

For example, clever but nasty user "putin" wants to change a private file
owned by naive user "dubya" in this way:


    drwx--x--x  15 dubya    none         1024 Feb  5 17:08 /u/dubya/private/

    -rw-------  15 dubya    none         1543 Feb  3 12:23 /u/dubya/private/bowlingScores


    Welcome comrade (note: gotta change motd)




Is this a real problem?  Anyway of getting around this?  We have root
permission on the file server, obviously.

("ln" is an OS system call, so just rewriting the "ln" tool won't help; one
would have to hack the kernel and I don't have the source code to Solaris
:-)

Any enlightnement and/or expert advice greatly appreciated.

-- Mike

--
Michael Godfrey PhD, Assistant Professor
Univ of Waterloo, Dept of Computer Science

URL:    http://plg.uwaterloo.ca/~migod

2. can't load library 'libgdbm.so.2' with Slackware 3.0 installation

3. NFS breaking Soft and Hard links

4. Problem with 16MB RAM vs CL-GD5429.

5. NFS: Are hard links a problem?

6. PEXlib

7. nfs, lpd, & hard links

8. Trouble logging on to CDE hosts with X -query

9. NFS exports and hard links

10. Inconsistent ftp thruput over satellite link

11. About Hard Link/soft link

12. how do I determine which file is linked to another (hard link)

13. Hard links vs. Soft links