Comment 26 for bug 1260679

Dirk Mueller (dmllr) wrote:

I don't think the impact description is fully accurate:

- you don't need shell access; any user access on the host is fine (also via exploits of potential other daemons)
- by default, the NFS mounts (NetApp and NFS driver, others not checked) are mounted under $service_state_path/mnt, which on properly packaged systems is something like /var/lib/nova/mnt. /var/lib/nova is 0755 nova:nova for me, as is /mnt. That is probably part of the issue: that dir should be 0750 service:group-shared-with-other-services-that-need-access
- the problem is not restricted to GPFS, Huawei, Scality and Nexenta. I can reproduce it with plain NFS and the NetApp/NFS driver as well. Basically anything that derives from the NFS driver.
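
The directory-mode point in the comment above can be checked on a host with a short audit; this is an added example, not part of the original comment and not code from the project. It assumes the directories above the state path are world-traversable and ignores POSIX ACLs; the function names `other_bits`, `describe` and `audit` and the sample tree are constructed for illustration.

```python
import os
import stat
import tempfile

def other_bits(path):
    """r/w/x bits that 'other' (not owner, not group) holds on path."""
    mode = os.stat(path).st_mode
    flags = (("r", stat.S_IROTH), ("w", stat.S_IWOTH), ("x", stat.S_IXOTH))
    return "".join(c if mode & bit else "-" for c, bit in flags)

def describe(path):
    return (path, oct(stat.S_IMODE(os.stat(path).st_mode)), other_bits(path))

def audit(state_path, mount_base):
    """Walk state_path -> mount_base, then the entries under mount_base.

    Returns (exposed, blocker). 'blocker' is the first directory on the
    way down that lacks o+x; it cuts off everything beneath it for
    accounts outside its owner and group. 'exposed' lists what such
    accounts can still reach."""
    state_path = os.path.realpath(state_path)
    mount_base = os.path.realpath(mount_base)
    if os.path.commonpath([state_path, mount_base]) != state_path:
        raise ValueError("mount_base must live under state_path")
    chain, rel = [state_path], os.path.relpath(mount_base, state_path)
    for part in ([] if rel == "." else rel.split(os.sep)):
        chain.append(os.path.join(chain[-1], part))
    exposed = []
    for directory in chain:
        if "x" not in other_bits(directory):
            return exposed, directory
        exposed.append(describe(directory))
    for name in sorted(os.listdir(mount_base)):
        entry = os.path.join(mount_base, name)
        if other_bits(entry) != "---":
            exposed.append(describe(entry))
    return exposed, None

if __name__ == "__main__":
    # Constructed tree standing in for /var/lib/nova/mnt/<share>.
    root = tempfile.mkdtemp()
    state = os.path.join(root, "nova")
    share = os.path.join(state, "mnt", "share-placeholder")
    os.makedirs(share)
    for d in (state, os.path.join(state, "mnt"), share):
        os.chmod(d, 0o755)
    print("0755:", audit(state, os.path.join(state, "mnt")))
    os.chmod(state, 0o750)
    print("0750:", audit(state, os.path.join(state, "mnt")))
```

On a real host, call `audit` with the service's state path and its mount base; a non-`None` blocker means accounts outside the directory's owner and group cannot reach the mounted shares through that path.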