In article <m0xWbju-000CdYC@nevets.oau.org> you write:
>[...]
>I think a direct iget to retrieve the inode from the NFS file handle
>is probably a good idea when all other options fail. However, I am
>concerned that this may add security holes.
Note that inode guessing is one reason for including inode generation
numbers in NFS file handles (as is done in the BSD NFS implementation).
(Another reason is to avoid that a a file handle for /tmp/a remains valid
if the inode is reused for a new file [i.e. cleared, then reused].)
By the way, BSD implementation of NFS depends on the exported filesystems'
implementations to provide methods to convert a vnode (VFS pendant of
inode) to a file handle and vice versa. Every file handle contains an
identification of the mount which generated it.
Hope that helps a bit.
Regards, Felix.