Subject: kern/3019: a client can write an read-only exported file-system
To: None <gnats-bugs@gnats.netbsd.org>
From: Manuel BOUYER <bouyer@antioche.ibp.fr>
List: netbsd-bugs
Date: 12/11/1996 11:27:01
>Number: 3019
>Category: kern
>Synopsis: a client can write an read-only exported file-system
>Confidential: no
>Severity: critical
>Priority: high
>Responsible: kern-bug-people (Kernel Bug People)
>State: open
>Class: sw-bug
>Submitter-Id: net
>Arrival-Date: Wed Dec 11 02:35:00 1996
>Last-Modified:
>Originator: Manuel BOUYER
>Organization:
MASI, Universite Paris VI.
>Release: 1.2_BETA
>Environment:
NetBSD antioche.ibp.fr 1.2_BETA NetBSD 1.2_BETA (ANTIOCHE) #0: Tue Oct 22 14:36:40 MET DST 1996 bouyer@dess106.ibp.fr:/usr/src/src_current/sys/arch/i386/compile/ANTIOCHE i386
>Description:
An read-only exported NFS file system can be written by (at last)
an NetBSD 1.2 client. I guess this is a bug on the server side, so any
clients can write it (but I only have root access to NetBSD hosts, so
I can't verify it)
>How-To-Repeat:
antioche#/>cat /etc/exports
/home/ftp -ro -network 132.227.61.0 -mask 255.255.255.0
antioche#/>ps ax|grep mount
59 ?? IWs 0:01.50 mountd
23910 p0 S+ 0:00.18 grep mount
antioche#/>kill -HUP 59
[note the -ro flag for /home/ftp]
antifer#/promethee/bouyer>mount antioche:/home/ftp /mnt
antifer#/promethee/bouyer>mount antioche:/home/ftp /mnt
antifer#/promethee/bouyer>su - bouyer
antifer:/promethee/bouyer>cd /mnt/pub/NetBSD
antifer:/mnt/pub/NetBSD>ls -ld .
drwxr-xr-x 5 bouyer wheel 512 Oct 29 15:10 .
antifer:/mnt/pub/NetBSD>
antifer:/mnt/pub/NetBSD>ls
NetBSD-current sup unofficial
antifer:/mnt/pub/NetBSD>cat >toto
qwerty
antifer:/mnt/pub/NetBSD>ls
NetBSD-current sup toto unofficial
[this file also appears on the server:
antioche#/>ls /home/ftp/pub/NetBSD/
.message NetBSD-current sup toto unofficial
antioche#/>cat /home/ftp/pub/NetBSD/toto
qwerty
>Fix:
Unknown.
>Audit-Trail:
>Unformatted: