Gitiles
Code Review Sign In
gerrit-public.fairphone.software / kernel / msm / 03a816b46d7eba78da11e4025f0af195b32fa464
commit03a816b46d7eba78da11e4025f0af195b32fa464[log] [tgz]
authorSteve Dickson <SteveD@redhat.com>Wed Sep 09 15:06:05 2009 -0400
committerJ. Bruce Fields <bfields@citi.umich.edu>Tue Dec 15 14:07:24 2009 -0500
tree5069e9183dd5535c61bc7eff8a8a03202a19568d
parentf2ca7153ca49a407ea1c7232c9fa7e9849f03f9c [diff]
nfsd: restrict filehandles accepted in V4ROOT case

On V4ROOT exports, only accept filehandles that are the *root* of some
export.  This allows mountd to allow or deny access to individual
directories and symlinks on the pseudofilesystem.

Note that the checks in readdir and lookup are not enough, since a
malicious host with access to the network could guess filehandles that
they weren't able to obtain through lookup or readdir.

Signed-off-by: Steve Dickson <steved@redhat.com>
Signed-off-by: J. Bruce Fields <bfields@citi.umich.edu>
3 files changed
tree: 5069e9183dd5535c61bc7eff8a8a03202a19568d
  1. arch/
  2. block/
  3. crypto/
  4. Documentation/
  5. drivers/
  6. firmware/
  7. fs/
  8. include/
  9. init/
  10. ipc/
  11. kernel/
  12. lib/
  13. mm/
  14. net/
  15. samples/
  16. scripts/
  17. security/
  18. sound/
  19. tools/
  20. usr/
  21. virt/
  22. .gitignore
  23. .mailmap
  24. COPYING
  25. CREDITS
  26. Kbuild
  27. MAINTAINERS
  28. Makefile
  29. README
  30. REPORTING-BUGS