rml@hpfcdc.UUCP (02/05/87)
I'm curious as to how various systems which support both a distributed
filesystem and symbolic links handle the semantics of a symlink on the
server machine with an absolute pathname. I'm aware that Sun's NFS
parses the symlink on the client side, and was wondering about other
systems, especially Eighth Edition.
Bob Lenk
{ihnp4, hplabs}!hpfcla!rmldmr@alice.UUCP (02/07/87)
Bob Lenk wondered about the interpretation of symbolic links by file servers. The issue is the meaning a link to an "absolute" name (beginning with /). In the Eighth Edition (and now the Ninth Edition) the formal answer is that you get to choose: the server takes an argument indicating whether it should interpret the / as the root of its machine or of its client. In practice, the flag is always set so that symlinks refer to the root of the server. The reason for doing this is that the links are always used to simplify naming on the machine on which they exist; for example, on one of them, /usr is full of links to the actual locations of people's home directories (/usr/dmr -> /usr1/dmr). It's true that even under the other interpretation, the links could have been coded differently (/usr/dmr -> ../usr1/dmr) but they weren't. More fundamentally, in our naming scheme there is no super-root (above / on all the machines). I think this is true of both NFS and RFS as well. In the Newcastle Connection, there is such a concept (/..) but even there, the name interpretation is such that / means "root of this machine's file system." In all of these schemes the various machines tend to be members of a confederacy instead of a union. To get find examples of the latter, you have to go a bit farther afield (e.g. to Locus). If / does not refer to a unique place, then its desired meaning in a symbolic link will inevitably be circumstantial. If a server machine exists solely to supply a file system to its clients, then a case can be made that / on the server machine should mean the root of the client. If clients and servers are symmetric, the meaning really has to be with respect to the server. Dennis Ritchie
ekrell@ulysses.UUCP (02/08/87)
In article <6625@alice.uUCp> dmr@alice.UUCP writes: >The reason for doing this is that the links are always used to >simplify naming on the machine on which they exist; for example, >on one of them, /usr is full of links to the actual locations >of people's home directories (/usr/dmr -> /usr1/dmr). The problem I have with this is that when a machine running RFS advertises a subtree of a file system, its intention is not to advertise its entire file systems, only a subset. I now can create a symbolic link in /tmp (or any other directory writable by me) on the server pointing to "/" and all of a sudden I gain access to the server's entire file system, breaking the intended security restriction. Either way you lose, it seems to me. There is no simple answer. -- Eduardo Krell AT&T Bell Laboratories, Murray Hill {ihnp4,seismo,ucbvax}!ulysses!ekrell