[Gluster-devel] Glusterfs Crypt Translator

David Spisla david.spisla at iternity.com
Wed May 24 08:28:02 UTC 2017 

Hello Gluster-Devels,

I am interested in the crypt translator of glusterfs. Kaushal M told me that there is no maintainer at the moment. Does anybody of you know some technical details about that translator?

Today there is still no support for NFS Mounts. Is there a way to enable crypt translator for nfs mounts?
Edward Shishkin wrote (http://lists.gluster.org/pipermail/gluster-users.old/2014-August/018369.html):
In NFS mounts of GlusterFS volumes file operations usually don't have
file names. They manipulate with file handles instead (which actually
are GFIDs). Respectively, we have to be sure that every file handle
in the cache of the client machine is trusted. This is not simple to
implement with a guarantee that future changes in GlusterFS code won't
add a security hole, which will lead to appearing of non-verified file
handles in the cache of the client machine.

This seems to be only a security issue. As far as I know enabling crypt translator for nfs mounts
should be not a technical problem (but you have still that security issue with the untrusted gfid)

I really wondering myself about that translator. Yesterday it was not working with nfs but today it does HaHaHa

Regards

David Spisla
Software Developer
david.spisla at iternity.com<mailto:david.spisla at iternity.com>
www.iTernity.com<http://www.iternity.com/>
Tel:       +49 761-590 34 841
Visit us at Booth #257 at:
[cid:image001.gif at 01D2CEE0.ADC8CD60]<https://www.hpe.com/events/discover/>
iTernity GmbH
Heinrich-von-Stephan-Str. 21
79100 Freiburg - Germany
---
unseren technischen Support erreichen Sie unter +49 761-387 36 66
---
Geschäftsführer: Ralf Steinemann
Eingetragen beim Amtsgericht Freiburg: HRB-Nr. 701332
USt.Id de-24266431

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.gluster.org/pipermail/gluster-devel/attachments/20170524/ef06d860/attachment-0001.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image003.png
Type: image/png
Size: 140895 bytes
Desc: image003.png
URL: <http://lists.gluster.org/pipermail/gluster-devel/attachments/20170524/ef06d860/attachment-0001.png>

More information about the Gluster-devel mailing list