Re: NFS question

Peter Benie (pjb1008@cam.ac.uk)
Mon, 5 Oct 1998 11:21:15 +0100

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: David Luyer: "Re: NFS question"
Previous message: Sid Boyce: "RE: Let's Hear it for Linux: ? Yawn"
In reply to: Alan Cox: "Re: NFS question"

Alan Cox writes ("Re: NFS question"):
> > > > behaviour under similar circumstances - it allows execution of 711 files,
> > > > but it also allows such a files to be read :(
> > >
> > Ooops. That is a real bug. Please try the new patch here.
>
> No its not a bug. Its a feature. NFS should not allow execute only files
> to be read. Your security model is complete crap if you do so.

I disagree. Consider the case where you are exporting files to a
trusted machine - unprivileged users can execute but not read the file,
which is what you wanted.

It is only a security risk if you are exporting files to machines that
are not under your control.

Peter

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.rutgers.edu
Please read the FAQ at http://www.tux.org/lkml/

Next message: David Luyer: "Re: NFS question"
Previous message: Sid Boyce: "RE: Let's Hear it for Linux: ? Yawn"
In reply to: Alan Cox: "Re: NFS question"