Re: [PATCH] private mounts

From: Miklos Szeredi
Date: Thu Apr 28 2005 - 03:44:57 EST

Next message: Andy Isaacson: "Re: [PATCH][RFC] Linux VM hooks for advanced RDMA NICs"
Previous message: Pavel Machek: "Re: [PATCH] private mounts"
In reply to: Pavel Machek: "Re: [PATCH] private mounts"
Next in thread: Trond Myklebust: "Re: [PATCH] private mounts"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

> > The NFS security model is based on the principle that the administrator
> > of the SERVER can override access permissions on his/her hardware. Pray
> > tell why you think that is "broken"?
>
> Well, administrator on CLIENT can impersonate whoever he wants,

Not really. Root squash has the very important effect that whatever
the client does, it cannot impersonate "root".

Miklos
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Andy Isaacson: "Re: [PATCH][RFC] Linux VM hooks for advanced RDMA NICs"
Previous message: Pavel Machek: "Re: [PATCH] private mounts"
In reply to: Pavel Machek: "Re: [PATCH] private mounts"
Next in thread: Trond Myklebust: "Re: [PATCH] private mounts"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]