Hello Gluster-Devels,
I am interested in the crypt translator of glusterfs. Kaushal M told me that there is no maintainer at the moment. Does anybody of you know some technical details about that translator?
Today there is still no support for NFS Mounts. Is there a way to enable crypt translator for nfs mounts?
Edward Shishkin wrote (http://lists.gluster.org/
pipermail/gluster-users.old/ ):2014-August/018369.html In NFS mounts of GlusterFS volumes file operations usually don't have
file names. They manipulate with file handles instead (which actually
are GFIDs). Respectively, we have to be sure that every file handle
in the cache of the client machine is trusted. This is not simple to
implement with a guarantee that future changes in GlusterFS code won't
add a security hole, which will lead to appearing of non-verified file
handles in the cache of the client machine.
This seems to be only a security issue. As far as I know enabling crypt translator for nfs mounts
should be not a technical problem (but you have still that security issue with the untrusted gfid)
I really wondering myself about that translator. Yesterday it was not working with nfs but today it does HaHaHa
Regards
David Spisla
Software Developer
Tel: +49 761-590 34 841
Visit us at Booth #257 at:
iTernity GmbH
Heinrich-von-Stephan-Str. 21
79100 Freiburg – Germany
---
unseren technischen Support erreichen Sie unter +49 761-387 36 66
---Geschäftsführer: Ralf Steinemann
Eingetragen beim Amtsgericht Freiburg: HRB-Nr. 701332
USt.Id de-24266431
_______________________________________________
Gluster-devel mailing list
Gluster-devel@xxxxxxxxxxx
http://lists.gluster.org/mailman/listinfo/gluster-devel
--
_______________________________________________ Gluster-devel mailing list Gluster-devel@xxxxxxxxxxx http://lists.gluster.org/mailman/listinfo/gluster-devel
