On Tuesday 05 August 2003 09:04, Stephan von Krawczynski wrote:
> On Tue, 5 Aug 2003 09:36:37 -0400 (EDT)
>
> "Richard B. Johnson" <root@chaos.analogic.com> wrote:
> > A hard-link is, by definition, indistinguishable from the original
> > entry. In fact, with fast machines and the course granularity of
> > file-system times, even the creation time may be exactly the
> > same.
>
> Hello Richard,
>
> I really don't mind if you call the thing I am looking for a hardlink or a
> chicken. And I am really not sticking to creating them by ln or mount or
> just about anything else. I am, too, not bound to making them permanent on
> the media. All I really want to do is to _export_ them via nfs.
> And guys, looking at mount -bind makes me think someone else (before poor
> me) needed just about the same thing.
> So, instead of constantly feeding my bad conscience, can some kind soul
> explain the possibilities to make "mount -bind/rbind" work over a network
> fs of some flavor, please?
Not sure, but I suspect there would be a problem IF the -bind mount crosses
filesystems. If it doesn't cross the filesystems I wouldn't think there
would be much problem.
You do have to remember that any NFS export gives IMPLICIT access to the
entire filesystem (it is the device number that is actually exported). If
the attacker can generate device:inode number, then that file reference can
be opened. I haven't read/seen anything yet that has said different.
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
This archive was generated by hypermail 2b29 : Thu Aug 07 2003 - 22:00:29 EST