Database communities have used databases to store files closely associated with database applications, including CAD files, medical images, invoice images, and other documents. Compared with traditional file systems, a database provides security, the ability to search, and scalability. A database file system (DBFS) leverages the features of a database to store files, and the strength of a database to efficiently manage relational data. The DBFS provides a client-server file system abstraction over files stored in a database, allowing users to perform network file system operations within the database using standard file system interfaces instead of standard database interfaces. Similar to a Network File System (NFS), the DBFS presents a shared network file system to a client user as a local file system through a transparent abstraction layer.
The Database Management System (DBMS) is the file system server for DBFS. A DBFS Client provides a set of interfaces that transform file system operation requests from the client to database operation requests, which are then sent to the DBMS.
The DBFS file system is mounted on a client machine at a client-specific mount point. File system operation requests from a client-user that are relative to the client-specific mount point are translated by the DBFS Client to their corresponding database operation requests and sent to the DBMS. Before mounting the DBFS file system on the client machine, the DBFS Client authenticates the client-user based on their database credentials. Once the client-user is authorized, the DBMS transmits information for each of the requested files stored in the DBFS file system. This information includes the file owner, the group, and the permission values originally set by the system where the file was last updated or created.
When the client-user performs a file operation request on a file stored within the DBFS file system, the following operations occur. The client machine determines whether the client-user has sufficient privileges to perform the requested file operation. This determination is performed by the client machine's operating system. If the client-user does not have permission at the operating system level, the operating system denies the request. If the client-user has sufficient privileges, the client's operating system passes the request to the DBFS Client. The DBFS Client then translates the client-user's operating system file operation request into a database request. The database request is passed to the DBMS, which performs it. The user then receives the output of the database request via the DBMS and the DBFS Client.
One potential issue with the DBFS is the manner in which information about user access privileges is generated. The DBFS file system stores, in association with each file and directory, user access control information provided by the DBFS client system that created or updated the file. Client-user identifiers are generated locally on the client machine of each DBFS Client, so a client-user ID overloading scenario may occur. A client-user ID overloading scenario occurs when one client-user on a machine has the exact same client-user identifier as another client-user on another machine. In this scenario, the determination of a client-user's privileges for a file may be based on the client-user identifier of another client-user. Permissions for file operations may be mistakenly granted to client-users who do not actually have sufficient privileges.
As an illustration, when a file is created by client-user A on client server A and saved in the mounted DBFS file system, the DBFS stores the created file (file-A) and its associated file information from client server A. The stored file information therefore lists the file owner as user ID 100, because client-user A is locally known as user ID 100. When client-user B on client server B, who is also locally known as user ID 100, tries to perform a file operation on file-A, client server B compares client-user B's user ID value (locally known as 100) to the file information retrieved from the DBFS file system. When the file owner information for file-A is compared to client-user B's user ID value, client server B mistakenly concludes that client-user B is the file owner of file-A because of the overlapping user IDs. Thus a client-user ID overloading scenario occurs.
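The following added example (not part of the original text and not DBFS code) models the client-side owner check from the illustration above and audits a set of client machines for overloaded user IDs. The machine names, database identity names, group ID, file mode, and the mapping from local user ID to database credential are constructed assumptions.

```python
"""Constructed model of the DBFS client-side permission check (assumption)."""
from collections import defaultdict

# Constructed sample data: local account tables of two DBFS client machines.
# Each entry maps a local numeric user ID to the database credential used to
# mount DBFS from that account (hypothetical names).
CLIENTS = {
    "client-server-A": {100: "db_user_a", 101: "db_user_c"},
    "client-server-B": {100: "db_user_b", 101: "db_user_c"},
}

# Metadata stored by the DBFS for file-A, as recorded by client server A.
# group_gid and mode are constructed values.
FILE_A = {"name": "file-A", "owner_uid": 100, "group_gid": 500, "mode": 0o600}


def local_access(meta, uid, gids, want):
    """POSIX-style check made by the client OS; want is a bitmask r=4, w=2, x=1."""
    if uid == meta["owner_uid"]:
        bits = (meta["mode"] >> 6) & 7      # owner permission bits
    elif meta["group_gid"] in gids:
        bits = (meta["mode"] >> 3) & 7      # group permission bits
    else:
        bits = meta["mode"] & 7             # everyone else
    return (bits & want) == want


def overloaded_uids(clients):
    """Return {uid: {machine: identity}} for IDs that name different identities."""
    seen = defaultdict(dict)
    for machine, accounts in clients.items():
        for uid, identity in accounts.items():
            seen[uid][machine] = identity
    return {u: m for u, m in seen.items() if len(set(m.values())) > 1}


def exposed_files(files, clients):
    """Names of files whose stored owner ID is overloaded across the clients."""
    bad = overloaded_uids(clients)
    return [f["name"] for f in files if f["owner_uid"] in bad]


if __name__ == "__main__":
    # client-user B (uid 100 on client server B) passes the owner check.
    print(local_access(FILE_A, 100, {600}, 4 | 2))
    print(overloaded_uids(CLIENTS))
    print(exposed_files([FILE_A], CLIENTS))
```

User ID 101 is not reported because it resolves to the same database identity on both machines; only IDs that name different identities are overloaded.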