Re: NFS mount with suid option

Tom S. Michalek · ‎02-16-2011

Trying to disable a nfs clients ability to run suid programs by nfs mounting with the nosuid option..

On NFS server...
smrs250a.root /tmp$ share -o nosuid,rw /HR91T2/data

On NFS client...
smrs530a.root /root$ mount smrs250a:/HR91T2/data /tmp/TSM

But, it doesn't appear to work...nosuid doesn't show up in mount options and I can execute nosuid scripts from the mount on the client...

smrs530a.root /root$ mount|grep TSM
/tmp/TSM on smrs250a:/HR91T2/data rsize=32768,wsize=32768,NFSv3,dev=1000006 on Wed Feb 16 12:50:36 2011

Tim Nelson · ‎02-16-2011

the 11.31 version of NFS server ( ONCPlus) does not support a nosuid option. In fact the native NFS on 11.23 does not either.

include the option on the client side ?

mount -F nfs -o nosuid nfsserver:/filesystem /filesystem

Tom S. Michalek · ‎02-16-2011

Yeah, thats not an option for one of the issues. The /var/opt/ignite/clients directory is getting flagged and make_net_recovery is doing those mounts...so I really haven't discovered a way to control this from the client which is why I was taking a look at options on the server.

Dennis Handly · ‎02-16-2011

>Tim: include the option on the client side?

Yes, that would be my suggestion too. We know it is a mount option.

On the server side, if you don't want to export SUID programs, change the permissions.

Categories

Company

Local Language

Forums

Discussions

Forums

Discussions

Forums

Discussions

Forums

Discussions

Forums

Discussions

Discussions

Forums

Forums

Discussions

Forums

Discussions

Forums

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Community

Resources

Other HPE Sites

Discussions

Forums

Blogs

Re: NFS mount with suid option

NFS mount with suid option