From mboxrd@z Thu Jan  1 00:00:00 1970
Content-Type: text/plain; charset=utf-8
Mime-Version: 1.0 (Mac OS X Mail 8.2 \(2104\))
From: arisawa <arisawa@ar.aichi-u.ac.jp>
In-Reply-To: <CAOw7k5i5Hbw=vLCD1YGo7pbpXSyKMtmu0qboxB1ybX1nQZNGTw@mail.gmail.com>
Date: Mon, 15 Feb 2016 10:05:47 +0900
Content-Transfer-Encoding: quoted-printable
Message-Id: <6DF5FD14-1141-48D6-9A87-04966521E332@ar.aichi-u.ac.jp>
References: <CAOw7k5gZWWiGA+MJVksHUuNj8b+Dvz1NLUAJEdf1_B4Df7OMXg@mail.gmail.com>
	<7ef5897118148acd265fac9b434f8684@felloff.net>
	<CAOw7k5i5Hbw=vLCD1YGo7pbpXSyKMtmu0qboxB1ybX1nQZNGTw@mail.gmail.com>
To: Fans of the OS Plan 9 from Bell Labs <9fans@9fans.net>
Subject: Re: [9fans] bug in exportfs
Topicbox-Message-UUID: 8439e520-ead9-11e9-9d60-3106f5b1d025

Hello,

> 2016/02/15 7:57=E3=80=81Charles Forsyth <charles.forsyth@gmail.com> =
=E3=81=AE=E3=83=A1=E3=83=BC=E3=83=AB=EF=BC=9A
>=20
>=20
> On 14 February 2016 at 16:38, <cinap_lenrek@felloff.net> wrote:
> i could imagine the filtering being usefull when cpu'ing to foreign =
machines,
> as a server can easily compromize your system when cpu exports your =
whole
> local namespace
>=20
> You'd still be better off using a custom nsfile to control it, running =
that cpu in
> a more restricted name space from the start, so leaks are impossible.

filtering of exportfs is handy if it works well.
for example, assume we want to exclude all files of name that begins =
with =E2=80=9C.=E2=80=9D,
then it is probably difficult to do so using only nsfile.

the =E2=80=9C+=E2=80=9D filtering is almost useless.
it will not be difficult to rewrite the current code so that we have =
better matching rule.
(I think ordering of pattern sequence should be used in evaluation.)
however the change may break something others.
(but I doubt the =E2=80=9C+=E2=80=9D filtering is really used)