Date: Mon, 31 Aug 98 17:18 BST From: alan@lxorguk.ukuu.org.uk (Alan Cox) To: linux-kernel@vger.rutgers.edu Subject: Security Problems; knfsd knfsd is called inode operations directly. Unfortunately its not also duplicating the security checking preamble that leads up to them. This means we have problems where any NFS client can create device files as any user for example. In paticular it skips the read only file system check, the only root can make non fifo devices check and other stuff. Skipping the ROFS check could cause pretty serious problems alone. Alan - To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.rutgers.edu Please read the FAQ at http://www.altern.org/andrebalsa/doc/lkml-faq.html