Google Groups no longer supports new Usenet posts or subscriptions. Historical content remains viewable.
Dismiss

Re: [FreeBSD-Announce] FreeBSD Security Advisory FreeBSD-SA-13:05.nfsserver

4 views
Skip to first unread message

Winston

unread,
Apr 29, 2013, 6:58:02 PM4/29/13
to
For the purpose of the NFS vulnerability in 9.0-RELEASE (GENERIC), would
it make any difference whether one has used /etc/exports and an
explicitly started nfsd, or exported the files using "zfs set
sharenfs={options}" if, in either case, the files being exported are ZFS
files? (That's probably similar to asking whether ZFS has its own NFSd
code separate from the vulnerable nfsd code.)

Also, freebsd-update fetch is not (yet) finding any updates for this
(which seems odd if updates are typically released before the
vulnerability announcement is made).

Thanks in advance,
-WBE

Winston

unread,
Apr 30, 2013, 3:06:08 AM4/30/13
to
I previously posted:
> For the purpose of the NFS vulnerability in 9.0-RELEASE (GENERIC), would
> it make any difference whether one has used /etc/exports and an
> explicitly started nfsd, or exported the files using "zfs set
> sharenfs={options}" if, in either case, the files being exported are ZFS
> files? (That's probably similar to asking whether ZFS has its own NFSd
> code separate from the vulnerable nfsd code.)

Following up my own article because I got a reply from
freebsd-security...

Their answer was that there's no difference between those two cases.
-WBE
0 new messages