dana@tread.wpd.sgi.com (Dana Treadwell) (05/08/91)
No kidding: Sun introduced a bug in their SunOS 4.1 NFS server code (that is still present in 4.1.1) which allows *any* client to change a file's size, with or without permission to do so. This opens the door to file corruption/data loss on the server. For instance, for some non-Sun NFS clients, if a user running as root on the client tries to write to a file for which (s)he doesn't have write permission, the file will be truncated to 0 bytes on the Sun server. If you have an IRIS NFS client using a Sun running 4.1(.1) as an NFS server, I strongly advise you to contact Sun for their patch. The bug is in Sun's database as #1045536 and/or #1058798. In the meantime, you might want to export all filesystems 'ro' on your Sun(s). Dana dana@sgi.com