
4_3 Squashing

Michael Eder edited this page Dec 29, 2024 · 1 revision

Many NFS server implementations provide a way to map the uid from incoming requests to other user IDs on the system. Squashing means that the server replaces the uid and gid of incoming NFS requests with another one; by default it uses the ID of nobody, which has the numeric value 65534 (or -2 as a signed value). BSD implementations have a similar feature called mapping. It is possible to manually specify the uid and gid to which incoming requests get squashed using the anonuid and anongid configuration options.

On Linux there are three different squashing options that determine which IDs get squashed:

  • all_squash: Each uid and gid gets squashed. This option can be used for exports where the owner of a file does not matter.
  • root_squash / no_all_squash: Only uid and gid 0 are squashed. This is the default setting on Linux. This prevents clients from performing file operations as root; however, they can freely choose any other uid and gid.
  • no_root_squash: No IDs are squashed. This means that clients can perform file operations as root.
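The following is an added example (not part of this wiki page or of any NFS implementation) that turns the three squashing options above, plus anonuid/anongid, into a small audit of a Linux /etc/exports file. It computes the effective squashing mode per export/client pair the way the Linux server resolves it (root_squash on by default, all_squash and root_squash tracked as independent flags, all_squash taking precedence) and flags exports where clients can act as root. The exports lines it reads are constructed samples; the function names are the example's own.

```python
# Added example: compute the effective squashing mode of each entry in an
# /etc/exports file and flag exports that let clients operate as uid 0.
# Not from the wiki page; sample exports lines below are constructed.
from __future__ import annotations

import re
from dataclasses import dataclass, field

NOBODY = 65534  # default squash target: the "nobody" uid/gid (-2 as a signed value)

# Constructed sample file, not taken from any real server.
SAMPLE_EXPORTS = """\
# constructed sample /etc/exports
/srv/public    *(ro,all_squash,anonuid=1000,anongid=1000)
/srv/home      192.0.2.0/24(rw,sync)
/srv/build     192.0.2.10(rw,no_root_squash)  192.0.2.11(rw)
/srv/legacy    *(rw,no_root_squash,all_squash)
"""

CLIENT_RE = re.compile(r"^([^(]*)(?:\(([^)]*)\))?$")


@dataclass
class ExportEntry:
    path: str
    client: str
    options: list[str] = field(default_factory=list)
    squash: str = "root_squash"   # all_squash | root_squash | no_root_squash
    anonuid: int = NOBODY
    anongid: int = NOBODY


def resolve_squash(options: list[str]) -> tuple[str, int, int]:
    """Apply export options left to right as the Linux server does.

    root_squash and all_squash are separate flags: no_all_squash only clears
    all_squash, no_root_squash only clears root_squash. If all_squash is set,
    every uid/gid is mapped regardless of the root_squash flag.
    """
    root_squash, all_squash = True, False   # Linux defaults
    anonuid, anongid = NOBODY, NOBODY
    for opt in options:
        if opt == "all_squash":
            all_squash = True
        elif opt == "no_all_squash":
            all_squash = False
        elif opt == "root_squash":
            root_squash = True
        elif opt == "no_root_squash":
            root_squash = False
        elif opt.startswith("anonuid="):
            anonuid = int(opt.split("=", 1)[1])
        elif opt.startswith("anongid="):
            anongid = int(opt.split("=", 1)[1])
    if all_squash:
        mode = "all_squash"
    elif root_squash:
        mode = "root_squash"
    else:
        mode = "no_root_squash"
    return mode, anonuid, anongid


def parse_exports(text: str) -> list[ExportEntry]:
    """Parse '/path client(opts) client(opts)...' lines; comments are skipped."""
    entries: list[ExportEntry] = []
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()
        if not line:
            continue
        path, *clients = line.split()
        for spec in clients:
            m = CLIENT_RE.match(spec)
            if not m:
                continue
            client = m.group(1) or "*"
            options = [o for o in (m.group(2) or "").split(",") if o]
            mode, uid, gid = resolve_squash(options)
            entries.append(ExportEntry(path, client, options, mode, uid, gid))
    return entries


def audit_exports(text: str) -> list[tuple[str, str, str]]:
    """Return (path, client, finding) for each entry, worst modes first."""
    severity = {
        "no_root_squash": "HIGH: clients may perform file operations as root",
        "root_squash": "MEDIUM: root is squashed, but clients choose any other uid/gid",
        "all_squash": "INFO: all requests mapped to a single uid/gid",
    }
    entries = parse_exports(text)
    order = {"no_root_squash": 0, "root_squash": 1, "all_squash": 2}
    entries.sort(key=lambda e: order[e.squash])
    return [(e.path, e.client,
             f"{severity[e.squash]} (anonuid={e.anonuid}, anongid={e.anongid})")
            for e in entries]


if __name__ == "__main__":
    for path, client, finding in audit_exports(SAMPLE_EXPORTS):
        print(f"{path:<14} {client:<14} {finding}")
```

Note the /srv/legacy line: no_root_squash and all_squash together still squash everything, because all_squash is checked first; the audit reports it as all_squash rather than as a root-capable export. On a real host, feed the script the output of `cat /etc/exports` and compare the anonuid/anongid columns against the file ownership the export actually needs.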

In combination with misconfigured clients, the squashing option can facilitate some client-side privilege escalation attacks which are explained separately.
