Re: [PATCH 0/7] Permit filesystem local caching and NFS superblocksharing [try #13]

[Trond Myklebust]

On Thu, 2006-09-07 at 13:30 +0800, Ian Kent wrote:
> On Wed, 2006-09-06 at 14:24 +0100, David Howells wrote:
> > Trond Myklebust <trond.myklebust@xxxxxxxxxx> wrote:
> > 
> > > It really doesn't matter whether there is a symlink or not. automounters
> > > should _not_ be trying to create directories on any filesystem other
> > > than the autofs filesystem itself.
> > 
> > Yes, I agree.
> 
> Not really.
> 
> What about multiple recursive bind mounts?
> What about the initial directory for the autofs mount itself?
> 
> What about the case where a admin expects autofs to create these
> directories for map entries that have multiple offsets.
> 
> As I've said before in version 5 I'm saying that it is a requirement
> that the the directories already exist in this case but in version 4
> people may have become accustomed to this behavior and right or wrong
> this type of change shouldn't be made without warning to the users or
> possibly not made at all.

What part of the phrase "security risk" are you failing to understand?
If anybody out there is actually relying on having an automounter daemon
that is running with root privileges try to create directories on remote
servers on the basis of the output of the 'showmount' command, then they
need saving from themselves.

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/