Patch-ID# 102177-04
Keywords: lockf() large uid security
Synopsis: SunOS 4.1.3_U1: NFS Jumbo Patch
Date: Feb/01/96

Solaris Release: 1.1.1

SunOS Release: 4.1.3_U1

Note: This patch is available for 4.1.3 as 100173 and for 4.1.4 as 102394.

Unbundled Product:

Unbundled Release:

Relevant Architectures: sparc

BugId's fixed with this patch: 1176647 1139620 1144641 1227246

Changes incorporated in this version: 1227246

Patches accumulated and obsoleted by this patch:

Patches which conflict with this patch:

Patches required with this patch:

Obsoleted by:

Files included with this patch:

  nfs_client.o
  nfs_server.o
  nfs_vnodeops.o

Problem Description:

1227246 --> With the introduction of Solaris 2.5.1 as NFS server or client,
            4.1.x is exposed to a security loophole. 4.1.x does not take
            care of large uids which is used by SGI, AIX and 2.5.1 machines.

1144641 --> System crashes if NFS server has unrecognized vnode types.

1139620 --> If one lockf()'s a nfs file, it looks like the lock
            stays for some time.

1176647 --> Interrupting writes to NFS mounted files causes repeated
            but unpredictable error.


Patch Installation Instructions:

As root, backup the old files:
mv /sys/`arch -k`/OBJ/nfs_client.o /sys/`arch -k`/OBJ/nfs_client.o.FCS
mv /sys/`arch -k`/OBJ/nfs_server.o /sys/`arch -k`/OBJ/nfs_server.o.FCS
mv /sys/`arch -k`/OBJ/nfs_vnodeops.o /sys/`arch -k`/OBJ/nfs_vnodeops.o.FCS

Now install the patched files from the patch directory location:
cp `arch -k`/nfs_client.o /sys/`arch -k`/OBJ/nfs_client.o
chmod 444 /sys/`arch -k`/OBJ/nfs_client.o
cp `arch -k`/nfs_server.o /sys/`arch -k`/OBJ/nfs_server.o
chmod 444 /sys/`arch -k`/OBJ/nfs_server.o
cp `arch -k`/nfs_vnodeops.o /sys/`arch -k`/OBJ/nfs_vnodeops.o
chmod 444 /sys/`arch -k`/OBJ/nfs_vnodeops.o

Config, make and install a new kernel.

Please refer to the system and networking administration manual
for details on building and installing a new kernel.
