[Bug 191218] mountd: can't change attributes for XXXXXXX: Invalid radix node head, rn: 0 0xXXXXXXXXXXXXXXX; can still mount path
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=191218

Allan Jude allanj...@freebsd.org changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |allanj...@freebsd.org

--- Comment #6 from Allan Jude allanj...@freebsd.org ---
If you read exports(5) there is some confusingly worded instruction on this point.

What you actually want to do to export those 2 subdirectories is:

/tmp/bar /tmp/foo -alldirs localhost

However, the security is only enforced by mountd, not the nfs daemon, so you should consider that.

--
You are receiving this mail because:
You are the assignee for the bug.
___
freebsd-bugs@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-bugs
To unsubscribe, send any mail to freebsd-bugs-unsubscr...@freebsd.org
[Bug 191218] mountd: can't change attributes for XXXXXXX: Invalid radix node head, rn: 0 0xXXXXXXXXXXXXXXX; can still mount path
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=191218

yaneurab...@gmail.com changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |delp...@freebsd.org,
                   |                            |rmack...@freebsd.org

--- Comment #1 from yaneurab...@gmail.com ---
The security team might want to audit this to ensure that this isn't a security vulnerability.
[Bug 191218] mountd: can't change attributes for XXXXXXX: Invalid radix node head, rn: 0 0xXXXXXXXXXXXXXXX; can still mount path
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=191218

yaneurab...@gmail.com changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
           Severity|Affects Only Me             |Affects Some People
[Bug 191218] mountd: can't change attributes for XXXXXXX: Invalid radix node head, rn: 0 0xXXXXXXXXXXXXXXX; can still mount path
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=191218

Xin LI delp...@freebsd.org changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|delp...@freebsd.org         |

--- Comment #2 from Xin LI delp...@freebsd.org ---
Exporting subdirectories of a mountpoint is problematic and this is a well known limitation of the protocol. I don't consider this as a security issue because the administrator is supposed to know what they are doing.
[Bug 191218] mountd: can't change attributes for XXXXXXX: Invalid radix node head, rn: 0 0xXXXXXXXXXXXXXXX; can still mount path
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=191218

--- Comment #3 from yaneurab...@gmail.com ---
(In reply to yaneurabeya from comment #0)
> ...
> As shown above, /tmp/bar doesn't show up via showmount -e for the list of
> exports but the path is mountable and I created /tmp/hello_world, and it

This should have been /tmp/bar/hello_world

(In reply to Xin LI from comment #2)
> Exporting subdirectories of a mountpoint is problematic and this is a well
> known limitation of the protocol. I don't consider this as a security issue
> because the administrator is supposed to know what they are doing.

The security concern was over the fact that mountd is clearly reporting an error in the code, but hiding the fact that it's actually an error; unless the administrator is looking for errors from mountd, they have absolutely _no_ idea that the path is actually exported.
[Bug 191218] mountd: can't change attributes for XXXXXXX: Invalid radix node head, rn: 0 0xXXXXXXXXXXXXXXX; can still mount path
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=191218

Xin LI delp...@freebsd.org changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |delp...@freebsd.org

--- Comment #4 from Xin LI delp...@freebsd.org ---
(In reply to yaneurabeya from comment #3)
> (In reply to Xin LI from comment #2)
> > Exporting subdirectories of a mountpoint is problematic and this is a well
> > known limitation of the protocol. I don't consider this as a security issue
> > because the administrator is supposed to know what they are doing.
>
> The security concern was over the fact that mountd is clearly reporting an
> error in the code, but hiding the fact that it's actually an error; unless
> the administrator is looking for errors from mountd, they have absolutely
> _no_ idea that the path is actually exported.

mountd has (correctly) reported that it was unable to change the export attributes. We could, of course, use a better error message, but if the administrator chooses to ignore error messages, there is nothing we can do with it.

Also, exporting subdirectories just plain doesn't work because the NFS client can still request anything in the mountpoint. A properly implemented client does not allow it, but an attacker does not have to use a properly implemented one. This is well known and relying on this security model is just plain wrong.
[Bug 191218] mountd: can't change attributes for XXXXXXX: Invalid radix node head, rn: 0 0xXXXXXXXXXXXXXXX; can still mount path
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=191218

--- Comment #5 from yaneurab...@gmail.com ---
(In reply to Xin LI from comment #4)
> (In reply to yaneurabeya from comment #3)
> > (In reply to Xin LI from comment #2)
> > > Exporting subdirectories of a mountpoint is problematic and this is a
> > > well known limitation of the protocol. I don't consider this as a
> > > security issue because the administrator is supposed to know what they
> > > are doing.
> >
> > The security concern was over the fact that mountd is clearly reporting an
> > error in the code, but hiding the fact that it's actually an error; unless
> > the administrator is looking for errors from mountd, they have absolutely
> > _no_ idea that the path is actually exported.
>
> mountd has (correctly) reported that it was unable to change the export
> attributes. We could, of course, use a better error message, but if the
> administrator chooses to ignore error messages, there is nothing we can do
> with it.
>
> Also, exporting subdirectories just plain doesn't work because the NFS
> client can still request anything in the mountpoint. A properly implemented
> client does not allow it, but an attacker does not have to use a properly
> implemented one. This is well known and relying on this security model is
> just plain wrong.

I forgot to include the fact that localhost:/tmp/bar was mounted to /mnt; this was implied in my reproduction steps.

/tmp/foo and /tmp/bar are two distinct paths. Why is /tmp/foo being exported if it's not showing up in showmount -e? Yes, I know that I've been playing in Linux for a little too long (9 months), and looking back I'm not using the prescribed syntax for exports(5), but I expected the code to not export /tmp/bar and it did.

(posing the question differently) As a sysadmin/support engineer, how could I understand that mountd has actually exported the directory if the tools that should be doing this (showmount -e) don't print out anything meaningful?
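Added example (not part of the bug thread and not FreeBSD code): one way to approach the question in comment #5 is to cross-check the errors mountd logs against what `showmount -e` lists, and flag every path that has an error but no listing for manual review. The message text comes from the bug title; the syslog lines, host name, PID, hex value and showmount output are constructed samples, the `showmount -e` layout (header line, then path and hosts) is assumed, and the function names are hypothetical.

```python
import re

# Message text as given in the bug title; the path is the token after "for".
MOUNTD_ERR = re.compile(r"mountd(?:\[\d+\])?: can't change attributes for (\S+?):")


def failed_paths(log_lines):
    """Paths for which mountd logged an export-attribute failure."""
    return sorted({m.group(1) for line in log_lines
                   if (m := MOUNTD_ERR.search(line))})


def listed_exports(showmount_output):
    """Paths in the first column of `showmount -e` output (header skipped)."""
    paths = set()
    for line in showmount_output.splitlines():
        fields = line.split()
        if fields and fields[0].startswith("/"):
            paths.add(fields[0])
    return paths


def unlisted_failures(log_lines, showmount_output):
    """Paths mountd complained about that showmount -e does not list.

    In the report above such a path could still be mounted, so each hit
    needs a manual check of exports(5) and a mount attempt from a test client.
    """
    listed = listed_exports(showmount_output)
    return [p for p in failed_paths(log_lines) if p not in listed]


# Constructed sample input (not taken from the bug report).
SAMPLE_LOG = [
    "Jun 20 10:15:00 nfshost newsyslog[101]: logfile turned over",
    "Jun 20 10:15:02 nfshost mountd[812]: can't change attributes for "
    "/tmp/bar: Invalid radix node head, rn: 0 0xfffff80003a1c000",
]
SAMPLE_SHOWMOUNT = """Exports list on localhost:
/tmp/foo                           localhost
"""

if __name__ == "__main__":
    for path in unlisted_failures(SAMPLE_LOG, SAMPLE_SHOWMOUNT):
        print(f"review: mountd error for {path}, not listed by showmount -e")
```

Paths containing spaces or colons are not handled by the pattern; on a real host, feed it the syslog file mountd writes to and the live `showmount -e` output.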