Re: [nfsv4] Review of http://www.ietf.org/id/draft-naik-nfsv4-xattrs-01.txt
David Quigley <dpquigl@davequigley.com> Wed, 08 October 2014 13:21 UTC
Return-Path: <dpquigl@davequigley.com>
X-Original-To: nfsv4@ietfa.amsl.com
Delivered-To: nfsv4@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 644381A1A56 for <nfsv4@ietfa.amsl.com>; Wed, 8 Oct 2014 06:21:32 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.901
X-Spam-Level:
X-Spam-Status: No, score=-1.901 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, SPF_HELO_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 0dhhu1VXF5Sp for <nfsv4@ietfa.amsl.com>; Wed, 8 Oct 2014 06:21:23 -0700 (PDT)
Received: from countercultured.net (countercultured.net [IPv6:2001:470:0:c0d3::2]) by ietfa.amsl.com (Postfix) with SMTP id C9B691A0469 for <nfsv4@ietf.org>; Wed, 8 Oct 2014 06:21:22 -0700 (PDT)
Received: (qmail 11968 invoked from network); 8 Oct 2014 13:21:22 -0000
Received: from countercultured.net (HELO webmail.countercultured.net) (2001:470:0:c0d3::2) by countercultured.net with SMTP; 8 Oct 2014 13:21:22 -0000
MIME-Version: 1.0
Content-Type: text/plain; charset="US-ASCII"; format="flowed"
Content-Transfer-Encoding: 7bit
Date: Wed, 08 Oct 2014 09:21:22 -0400
From: David Quigley <dpquigl@davequigley.com>
To: Nico Williams <nico@cryptonector.com>
In-Reply-To: <20141003192008.GD4981@localhost>
References: <CCBBAAB7-B2DE-4378-BBFD-3DAB03630707@primarydata.com> <20141002225325.GC412@localhost> <BD02BA26-A9E8-4963-808D-ABF3ACD082D4@primarydata.com> <20141003192008.GD4981@localhost>
Message-ID: <aedbabcb589ebec71799edbba4a40784@countercultured.net>
X-Sender: dpquigl@davequigley.com
User-Agent: Roundcube Webmail/1.0.2
Archived-At: http://mailarchive.ietf.org/arch/msg/nfsv4/TCnMGTCALdrR98vNJmnVD6-dICA
Cc: NFSv4 <nfsv4@ietf.org>
Subject: Re: [nfsv4] Review of http://www.ietf.org/id/draft-naik-nfsv4-xattrs-01.txt
X-BeenThere: nfsv4@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: NFSv4 Working Group <nfsv4.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/nfsv4>, <mailto:nfsv4-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/nfsv4/>
List-Post: <mailto:nfsv4@ietf.org>
List-Help: <mailto:nfsv4-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/nfsv4>, <mailto:nfsv4-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 08 Oct 2014 13:21:32 -0000
On 10/03/2014 15:20, Nico Williams wrote: > >> The draft takes the stance that xattrs exist on many platforms, there >> is no standard for their use, and that means there is no need to >> define any requirements for the use in NFS. > > Here I agree with you that the I-D must explain how the server helps > mediate access control. And it must explain that some xattrs have > security-relevant semantics. But that's as far as an NFSv4 > specification can go here. > I think that the xattrs exposed through this shouldn't be security-relevant unless you're talking about application layer security. I don't care if a web app or some user-space program uses an xattr for its internal access control but anything beyond that I don't think is ok. Trond in the past has expressed concerns about people establishing arbitrary sub protocols by using xattrs. I agree that this is a problem because it opens up the system to interoperability issues by encouraging people to bypass any sort of standardization effort and just using the excuse that its just opaque data. >> 2) Subject/Object labels can control access to the xattr. >> >> So some of these concerns go away with LNFS. But the fact that LNFS >> does take care of some of the security in my mind means that the draft >> needs to call out what happens when there is no LNFS available. > > LNFS seems orthogonal here. RPCSEC_GSSv3 is more relevant. > I agree. LNFS is just another way of conveying access control and because we punted on syntax, semantics and enforcement I think the only references to access control should be what is concretely defined in NFSv4. In that case it would be existing RPCSEC_GSS flavors for authentication and NFSv4 ACLs. > Nico
- [nfsv4] Review of http://www.ietf.org/id/draft-na… Tom Haynes
- Re: [nfsv4] Review of http://www.ietf.org/id/draf… Tom Haynes
- Re: [nfsv4] Review of http://www.ietf.org/id/draf… J. Bruce Fields
- Re: [nfsv4] Review of http://www.ietf.org/id/draf… Manoj Naik
- Re: [nfsv4] Review of http://www.ietf.org/id/draf… Thomas Haynes
- Re: [nfsv4] Review of http://www.ietf.org/id/draf… Manoj Naik
- Re: [nfsv4] Review of http://www.ietf.org/id/draf… Nico Williams
- Re: [nfsv4] Review of http://www.ietf.org/id/draf… Thomas Haynes
- Re: [nfsv4] Review of http://www.ietf.org/id/draf… Nico Williams
- Re: [nfsv4] Review of http://www.ietf.org/id/draf… Christoph Hellwig
- Re: [nfsv4] Review of http://www.ietf.org/id/draf… Christoph Hellwig
- Re: [nfsv4] Review of http://www.ietf.org/id/draf… David Quigley
- Re: [nfsv4] Review of http://www.ietf.org/id/draf… Matt W. Benjamin
- Re: [nfsv4] Review of http://www.ietf.org/id/draf… David Quigley
- Re: [nfsv4] Review of http://www.ietf.org/id/draf… Nico Williams