Re: NFS permissions

Jan Kara (jack@atrey.karlin.mff.cuni.cz)
Wed, 21 Apr 1999 00:32:38 +0200


Hello.

> I solved the NFS puzzle, it seems like NFS treats
> <machine, username, usergroup> as a triple for
> authentication -- so a root:root on one machine is
> not the same as root:root on another! Thus, you
Of course. root is a bit special case. There is
option root_squash in NFS which means that root from other
machine is threated as nobody. This results in observed
behaviour.
> there. Ha. So when NFS-HOWTO says the username
> and the group must coincide on both machines for
> the right access, they probably forget to say you
> should come from the same machine and only can
> writeover stuff you put there yourself; also, you
> can start putting stuff only in a world-writeable
> directory on the remote site. Am I correct? I
No, I don't think so. The user and group numbers
must be same because NFS doesn't do any UID/GID
mapping (maybe I'm wrong here) and so you would be
able to access files of other users if you accidentaly
have their UID on other machine.
I think that behaviour resulted from you being root
and root_squash being on. If that's not the case
I'm sorry...

Honza.

-
To unsubscribe from this list: send the line "unsubscribe linux-net" in
the body of a message to majordomo@vger.rutgers.edu