
#194 root access to NFS without giving a password?

v0.68
closed
5
2014-02-17
2007-05-03
Graham Toal
No

Didn't get any comments when I posted this on the help forum and it seems serious enough to be worth pursuing as a bug. If it turns out to be a feature,
I'd recommend putting a warning message on the web page where it is enabled.


I just now turned on NFS after applying the 0.685b upgrade. I did not
check the 'all users are root' button.

I did the following from a vmware instance of FC4 on my desktop:

(my server IP address is masked)

================================
[root@localhost ssn-cwid]# showmount -e XXX.XXX.XXX.XXX
Export list for XXX.XXX.XXX.XXX:
/mnt/d XXX.XXX.XXX.0

[root@localhost ssn-cwid]# cd /mnt

[root@localhost mnt]# ls

[root@localhost mnt]# mkdir d

[root@localhost mnt]# mount -t nfs XXX.XXX.XXX.XXX:/mnt/d /mnt/d

(VERY LONG WAIT AT THIS POINT, UNTIL I HIT ^C)

Interrupt
[root@localhost mnt]#

[root@localhost mnt]# df
Filesystem 1K-blocks Used Available Use% Mounted on
/dev/mapper/VolGroup00-LogVol00
7459216 6753956 320236 96% /
/dev/hda1 101086 10063 85804 11% /boot
/dev/shm 127808 0 127808 0% /dev/shm
XXX.XXX.XXX.XXX:/mnt/d
709521952 318816 652441376 1% /mnt/d

[root@localhost mnt]# ls /mnt/d
graham toal

[root@localhost mnt]# cd /mnt/d/graham

[root@localhost graham]# ls
Desktop Backup FreeNAS-generic-pc-0.685b-nb20070429.img mfsroot test

[root@localhost graham]# echo test > X

[root@localhost graham]# ls
Desktop Backup FreeNAS-generic-pc-0.685b-nb20070429.img mfsroot test X

[root@localhost graham]# rm X
rm: remove regular file `X'? y

[root@localhost graham]# ls
Desktop Backup FreeNAS-generic-pc-0.685b-nb20070429.img mfsroot test

=================================================

Note that at no time did I enter a password for the remote system,
and the local users on that system don't exist on the FC4, and the
root passwords on the two systems are different.

How did I get access??? This would seem to suggest that anyone
with an NFS client in the allowed list of IPs can have full root
access to the server disks? If so, imagine this scenario: we have
a class C subnet with 50-60 people on it, but only 10 who are allowed
access to the NAS; however everyone is on DHCP, so there are no
fixed IPs and no way to be selective as to who is allowed access by IP,
even if we restrict access to the local Class C.

There's nothing in the setup guide or the FAQ to suggest this model of security,
and I'm sure it's not what NFS users expect.

Graham

Discussion

  • Olivier Cochard-Labbe

    Logged In: YES
    user_id=1370551
    Originator: NO

    It's normal NFS behaviour:
    you were root on your local workstation:
    [root@localhost ssn-cwid]

    Then NFS uses the local root for access to the NFS share.

     
  • Volker

    Volker - 2007-12-26

    Logged In: YES
    user_id=1598685
    Originator: NO

    Bug tracker cleanup. Please reopen if problem still exists.

    Regards
    Volker
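
The replies above describe NFS accepting the client's local user identity; what a client-side root becomes on the server is set per export. As an added example (not part of the ticket and not FreeNAS's own code), the script below audits export lines for that mapping, assuming the server uses FreeBSD exports(5) syntax; the sample lines and all function names are constructed for illustration.

```python
import ipaddress

# Constructed sample in FreeBSD exports(5) syntax (assumed format, made-up values).
SAMPLE_EXPORTS = """\
/mnt/d -alldirs -maproot=root -network 192.168.1.0 -mask 255.255.255.0
/mnt/e -alldirs -network 192.168.1.0 -mask 255.255.255.0
/mnt/f -ro -mapall=nobody 192.168.1.17
"""

def parse_export(line):
    """Split one exports line into (paths, options, explicit hosts)."""
    tokens = line.split()
    paths = [t for t in tokens if t.startswith("/")]
    opts, hosts = {}, []
    rest = iter(t for t in tokens if not t.startswith("/"))
    for tok in rest:
        if not tok.startswith("-"):
            hosts.append(tok)
            continue
        name, _, value = tok[1:].partition("=")
        if name in ("network", "mask") and not value:
            value = next(rest, "")  # "-network 10.0.0.0" form: value is the next token
        opts[name] = value
    return paths, opts, hosts

def effective_user(opts, client_uid):
    """Identity the server acts as for a request claiming client_uid (AUTH_SYS)."""
    if "mapall" in opts:
        return opts["mapall"].split(":")[0]
    if client_uid == 0:
        # Without -maproot, exports(5) maps client root to an unprivileged credential.
        return opts.get("maproot", "nobody").split(":")[0]
    return f"uid {client_uid}"  # any other claimed uid is accepted as-is

def client_count(opts, hosts):
    """Addresses allowed to mount (None = unrestricted); needs -mask or CIDR."""
    if "network" not in opts:
        return len(hosts) or None
    spec = opts["network"] + ("/" + opts["mask"] if opts.get("mask") else "")
    return ipaddress.ip_network(spec, strict=False).num_addresses

def audit(text):
    """Return (path, root_maps_to, client_count, writable, risky) per export."""
    rows = []
    for line in text.splitlines():
        paths, opts, hosts = parse_export(line.split("#")[0])  # drop comments
        who, n, rw = effective_user(opts, 0), client_count(opts, hosts), "ro" not in opts
        # Risky: client root stays root on a writable export open to many addresses.
        rows += [(p, who, n, rw, who in ("root", "0") and rw and n != 1) for p in paths]
    return rows
```

Running `audit(SAMPLE_EXPORTS)` flags only the first export. The second is open to the same 256 addresses, but root there maps to an unprivileged user.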

     
