[OpenAFS-devel] Re: Initial implementation of RestrictedQuery,
please comment
Jeffrey Hutzelman
jhutz@cmu.edu
Tue, 18 Mar 2014 10:42:22 -0400
On Tue, 2014-03-18 at 15:26 +0100, Gergely Risko wrote:
> - GetEntryByName can be used as GetEntryById by giving it a number as
> a string, but this case is handled together in vlprocs.c as
> GetEntryByID, so we can do the RestrictedQuery check there and
> rebuff queries which are essentially GetEntryByID queries,
Well, no, my last message notwithstanding, you can't do that. If you
do, mount points that use volume IDs instead of names will not work, and
clients may also break in other ways.
> So, would having a (separate) option to reject GetEntryById calls (or
> GetEntryByName calls if they contain an id) when they are anonymous
> acceptable? Of course this option would default to false. I'm not
> really afraid of authenticated users bruteforcing the 2^32 space, but
> anonymous users might.
It might be reasonable to work around this by applying rx error
throttling. However, I'd be careful with that, as we don't immediately
know what effect it might have on legitimate clients.
-- Jeff