[PATCH 00/13] nfsd patches
J. Bruce Fields
bfields at fieldses.org
Mon Sep 11 13:35:37 EDT 2006
On Mon, Sep 11, 2006 at 01:24:45PM -0400, Talpey, Thomas wrote:
> At 01:01 PM 9/11/2006, J. Bruce Fields wrote:
> >The hostlist escaping is overkill. (Anyone attempting to use such
> >characters in a hostname deserves whatever they get.) But maybe it's
> >safer that way.
>
> I thought the escaping was needed on the pathname components,
> which can have all sorts of characters. Hostnames can only have
> ascii alphanumerics and "-" by DNS standard however. Technically,
> anyhow.
That's my understanding. I'd be OK with just telling mountd, or users,
or whatever, not to pass down exports information like that.
But maybe someday someone parsing that output will wrongly assume the
kernel is protecting them from this case, and maybe that'll leave them
vulnerable to some odd exploit.
Seems wildly unlikely, but what the heck, it's easy enough just to do
the bit of extra escaping.
--b.
More information about the NFSv4
mailing list