> > > Note that NFS checks the permissions on _both_ the client and server, > > > for a reason. > > > > Does it? If I read the code correctly the client checks credentials > > supplied by the server (or cached). But the server does the actual > > checking of permissions. > > > > Am I missing something? > > Yes, for NFSv2, this test in nfs_permssion(): > > if (!NFS_PROTO(inode)->access) > goto out;
I've seen that, I just thought that was for some broken servers not for all NFSv2 servers. Anyway that's been fixed in NFSv3, so obviously the "permission checking on both sides" wasn't optimal :) > And for either version of NFS, if the uid and gid are non-zero, and > the permission bits indicate that an access is permitted, then the > client does not consult the server for permission. Where's that? I see no such check. Thanks, Miklos - To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
