On Wed, 3 Jun 2009, Bjoern A. Zeeb wrote: > > I would start looking at svc_getcred() and blame at least the > AUTH_UNIX case; end of rpc/svc_auth.c. This looks like a big NO-NO. > I am pretty sure I'd also want to audit svc_rpc_gss(), just in case. > Oh, just to clarify. Earlier to-day I mentioned that the experimental server used crdup() of the nfsd's cred. That is only for certain state recovery cases where it needs a credential to play with. Normally it uses whatever the sys/rpc layer has provided it, as above. Again, I have no idea if using crdup() is correct? rickReceived on Thu Jun 04 2009 - 16:35:07 UTC
This archive was generated by hypermail 2.4.0 : Wed May 19 2021 - 11:39:49 UTC