On Fri, 16 Apr 1999, David Lang wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
>
> The environment that this senerio would be most likly to be used in would
> not be using a Linux box for the NFS server, instead it would be using
> something like a Network appliance (or their higher end competitor,
> Auspecs or domwthing like that). These boxes run their own OS, have their
> own filesystem and are heavily tuned (raid for disks, large amounts of
> static ram to buffer writes to, etc). They are also not cheap, the one I
> am using at my web farm here runs ~$60,000. not having the ability to use
> any capabilities for files residing on this system would be a drawback.
Well, as much as I hate to suggest it again, you _could_ hack the nfs
client to honor sticky as cap-enabled, but only if you can exercise total
filesystem security. I only like the sticky bit for compatibility
reasons, because currently it has no other interpretation. I still
disdain setuid root, because both the setuid bit and the uid already serve
another purpose. I reallize this information can be duplicated in the
headers, but I just don't like it.
cheers,
David
- --
David L. Parsley
Network Specialist
City of Salem Schools
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.rutgers.edu
Please read the FAQ at http://www.tux.org/lkml/