Subject: Re: NFS and privileged ports
To: Jason Thorpe <>
From: Jonathan Stone <>
List: tech-net
Date: 11/08/2004 18:43:11
In message <>,
Jason Thorpe writes:
>Am I the only one who thinks that the privileged port requirement (that
>can be disabled on a per-export basis with -noresvport) is just a
>little silly in this day and age?
>I would really like to make -noresvport the default, and maybe add a
>-resvport option for people who are under the false impression that the
>privileged port requirement actually buys them extra security.
Do remember that there are environments where it's _not_ a false
impression... rare and getting rarer, but not an empty set.
Client-side NFS, or server, or both?
I was decidely miffed when I found out that some thoughtless removed
the old -P/-p support between 1.6 and 2.0: I had used that to emulate
tens of thousands of simultaneous NFS-mounts of the same export point.
(Tens of thousands of "privileged" ports on a single machine being in,
um, rather short supply).