IETF-SSH archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

Stateless SFTP server and READDIR race condition.



This is kind of a nit-pick, but I seems to me that the SFTP server
cannot be implemented as a stateless server because the server must
track the directory offset to support multiple READDIR calls.  Also,
there is a potential race condition when there are multiple READDIR
calls.

NFS READDIR(at least version 2 and 3) returns a cookie to the client,
and the client passes the cookie back to the server so the stateless
server knows where it left off.  NFS version 3 also includes a cookie
verifier to detect directory changes that could occur between multiple
readdir calls.

I'm wondering if this is an issue that should be considered, both the
statelessness and detecting directory changes that happen in between
SFTP READDIR calls.

This is kind of a nit pick for a couple of reasons.  First,
statelessness is useful for crash recovery, but since NFS is UDP
(mostly) and SSH is TCP (always), it is easy for the client to detect a
server crash.  Second, since SFTP returns multiple directory entries
instead of one (as is the case with NFS) the window of vulnerability for
directory changes is only an issue for very large directories.

Thanks!

Mike Closson



Home | Main Index | Thread Index | Old Index