On Thu, 4 Jun 2009, Doug Rabson wrote: >> I would start looking at svc_getcred() and blame at least the AUTH_UNIX >> case; end of rpc/svc_auth.c. This looks like a big NO-NO. I am pretty >> sure I'd also want to audit svc_rpc_gss(), just in case. > > The NFS server is creating a ucred which describes the privileges to be > given to the remote user. What is the correct way to do this and where can I > read the documentation? In practice, all credentials in the system are (often quite indirectly) derived from one of two root credentials, those belong to swapper and init. Typical practice, on initializing a kernel service, is to take an additional reference on the credential that configured the service and derive future credentials from it. I think this is what the old NFS code did, presumably either directly borrowing a proc 0 credential, or from the syscall turning on the NFS server. Robert N M Watson Computer Laboratory University of CambridgeReceived on Thu Jun 04 2009 - 08:28:33 UTC
This archive was generated by hypermail 2.4.0 : Wed May 19 2021 - 11:39:49 UTC