[openib-general] mapping between IP address and device name

Hal Rosenstock halr at voltaire.com
Fri Jun 24 10:13:12 PDT 2005


On Fri, 2005-06-24 at 12:42, Roland Dreier wrote:
>     Thomas> But that's totally and completely insecure. The goal of
>     Thomas> /etc/exports is to place at least part of the client
>     Thomas> authentication in the network rather than the supplied
>     Thomas> credentials. NFS has quite enough of a history with
>     Thomas> AUTH_SYS to prove the issues there. Some of the exports
>     Thomas> options (e.g. the *_squash ones) are specifically because
>     Thomas> of this.
> 
> ATS is completely insecure too, right?  A client can create any old
> service record in the subnet administrator's database and claim that
> its GID has whatever IP address it wants.

The first level of IB trust in terms of the SA (authenticaing the
requestor) is restrictions based on access (partitioning). This is true
for a number of SA attributes which is more than (just) ServiceRecords.

But we do trust the kernel, right ? So the only issue would be user
space creation and deletion of these records. There could be checking in
the kernel as to the registration/deregistration being appropriate for
the configuration. I think this is the same issue whatever way it is
done (whether by SRs or CM private data).

-- Hal




More information about the general mailing list