Trond Myklebust <trond.myklebust <at> fys.uio.no> writes:

> On Fri, 2007-07-06 at 09:40 -0400, Peter Staubach wrote:
> > It was misguided on someone's part to think that no ACLs meant that
> > checking the mode bits for permissions was sufficient.
>
> Yup.

It seems to me that disabling ACCESS might prevent clients from knowing whether an operation is allowed, but it would not allow clients to bypass server ACLs. From a security perspective, then, I would think disabling ACCESS would not affect the correctness of the protocol.

In other words, if a client with ACCESS disabled determined (by mode bits alone) that a read operation was allowed, and issued a READ call, would the server still determine whether the request was allowed (according to its ACL and user mapping policy), and return NFS3ERR_ACCES if not?

> The correct way to deal with the problem of too many ACCESS calls
> was rather to improve the caching. There should be a vast difference
> between a 2.6.19 kernel or higher and earlier versions when it comes to
> the ability to cache credentials from multiple users and I hope that
> addresses the problems that people were seeing.

ACCESS calls make up 17% of the NFS ops generated by our application running on a stock CentOS 5 2.6.18 kernel. We don't use ACLs or root mapping. One user (root) performs all file access on the NFS volume in question.

Would the credential caching you mention in 2.6.19 help us reduce the number of ACCESS operations we see (even though only one user is performing file I/O)? Is it safe to apply a patch to eliminate ACCESS altogether?

Thanks,
Clay