Changes between Version 8 and Version 9 of nfs-utils


Ignore:
Timestamp:
02/11/2020 08:10:50 PM (4 years ago)
Author:
ken@…
Comment:

--

Legend:

Unmodified
Added
Removed
Modified

  • nfs-utils

    v8 v9  
    11= NFS Utilities =
    22
    3 There is a vulnerability in all Linux kernels at the time of this writing that allows remote attackers to mark the ext2 or ext3 filesystem exported via NFS as dirty and needing recovery. A working exploit is available from http://bugzilla.kernel.org/show_bug.cgi?id=6828. If the ext2 or ext3 filesystem is mounted with a non-default "errors=remount-ro" or "errors=panic" option, the attacker will be able to cause it to be remounted read-only on the server, or cause a filesystem panic, respectively. Without those options, the journal is turned off.
     3== DESTDIR ==
    44
    5 Any of the following methods is sufficient to resolve the problem:
     5Because of chown during the install, DESTDIR only works if run as root.
    66
    7  * Don't export ext2 and ext3 filesystems via NFS (even read-only) if there is a possibility that the exploit will be used against your server. Use any other filesystem instead of ext2 or ext3.
    8  * Don't use the kernel-space NFS server. A userspace NFSv3 server is available from http://unfs3.sourceforge.net/  and can be installed instead of NFS Utilities.
    9  * Upgrade the kernel to version 2.6.16.x with x >= 29, or 2.6.17.x  with x >= 11
    107[wiki:MajorServers Up][[br]]
    118[wiki:BlfsNotes Top]
    12 
    13 I'm not sure but I think the MD5-Checksum for nfs-utils-1.0.10 form the stable blfs is incorrect. I got 1949634d0dc896696d8a880bdca622c8 with the Source form kernel.org and with the soruce from http://surfnet.dl.sourceforge.net/sourceforge/nfs/ which I got from SourceForge.
    14 
    15 = DESTDIR =
    16 
    17 Because of chown during the install, DESTDIR only works if run as root.