Red Hat Enterprise Linux Security

NFS v4 is broken on ALL systems running Red Hat Enterprise 5.4.  The Bugzilla entry is Bug 524520.

If you are lucky you’ll be using some Java app that will throw a fit immediately about not having permission to create files.  If you are not lucky you won’t notice until you see that file permissions are all randomized on the backing host file system.  Who wants random SUID files?  I do!  I do! Red Hat knows this is a security issue.  The bug report says it is “Important”.  All it takes is a single “yum update” and if you are using NFS v4, congrats, you win!

Red Hat won’t release a fix for this until November.

Guys?  Hello?  NFS v4 shouldn’t be broken for three months!  It isn’t a “preview” it is a production feature.  The fact you are setting file permissions to uninitialized values at all SHOULD BE FIXED YESTERDAY.

Grrrr…..  How many bugs like this are being hidden inside Bugzilla?