Return-Path: Received: from mail-oi0-f41.google.com ([209.85.218.41]:37165 "EHLO mail-oi0-f41.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1751327AbeFANdA (ORCPT ); Fri, 1 Jun 2018 09:33:00 -0400 Received: by mail-oi0-f41.google.com with SMTP id l22-v6so14763521oib.4 for ; Fri, 01 Jun 2018 06:33:00 -0700 (PDT) MIME-Version: 1.0 In-Reply-To: <828f320cde910a45983d91bddb6477d21c5cae33.camel@hammerspace.com> References: <2cf94c6b-e819-79af-4ac9-3b19d26dc6d9@suse.de> <75266c983a03f6dbfd5d1a39c94fa6d56a1a8a22.camel@hammerspace.com> <20180531004554.GA29116@fieldses.org> <128c74cb1507d7eab36ac8d32182dbbc7d3f9f88.camel@hammerspace.com> <95e00ce46fe1f5fed50fe24947eee0dda51e0140.camel@hammerspace.com> <828f320cde910a45983d91bddb6477d21c5cae33.camel@hammerspace.com> From: Miklos Szeredi Date: Fri, 1 Jun 2018 15:32:59 +0200 Message-ID: Subject: Re: nfs4_acl restricts copy_up in overlayfs To: Trond Myklebust Cc: "rgoldwyn@suse.de" , "bfields@fieldses.org" , "agruenba@redhat.com" , "linux-nfs@vger.kernel.org" , "linux-unionfs@vger.kernel.org" Content-Type: text/plain; charset="UTF-8" Sender: linux-nfs-owner@vger.kernel.org List-ID: On Fri, Jun 1, 2018 at 3:16 PM, Trond Myklebust wrote: > ...and all I'm doing is pointing out that as long as you insist on > client enforcement of file security, then you are heavily limiting the > list of servers and server configurations that you will be able to work > safely with. There is a reason why, in all the 30 years since the NFSv2 > spec was released, nobody has built such a client. How do you define "safely"? Is it safe for root to do cp -a /nfs/remotedir /tmp/localdir ? That's essentially what an overlayfs mount with an NFS layer does with respect to access permissions: - remote files are not modifiable to anyone, unless server allows - remote files *readable to root* will provide access based on local DAC check. Does that need to be made clear in the docs? Surely. But it does NOT mean it's dangerous or that it's not useful with an arbitrary NFS server (although my guess is that 99% will involve knfsd). Thanks, Miklos