Subject: Re: NFS and privileged ports
To: Bill Studenmund <wrstuden@netbsd.org>
From: Thor Lancelot Simon <tls@rek.tjls.com>
List: tech-net
Date: 11/08/2004 22:08:40

On Mon, Nov 08, 2004 at 06:45:40PM -0800, Bill Studenmund wrote:
> On Mon, Nov 08, 2004 at 09:18:37PM -0500, Thor Lancelot Simon wrote:
> > On Mon, Nov 08, 2004 at 05:31:14PM -0800, Jason Thorpe wrote:
> > > Am I the only one who thinks that the privileged port requirement (that 
> > > can be disabled on a per-export basis with -noresvport) is just a 
> > > little silly in this day and age?
> > > 
> > > I would really like to make -noresvport the default, and maybe add a 
> > > -resvport option for people who are under the false impression that the 
> > > privileged port requirement actually buys them extra security.
> > > 
> > > Thoughts?
> > 
> > I don't think it's silly; I rely on NFS only in environments in which I
> > control the private interconnect it runs across and the kernels and
> > environment on each machine that uses it.
> > 
> > In that environment, the privileged port requirement does, in fact, buy
> > me "extra" security; in fact, it buys me "any security at all"; without
> > it, I cannot treat the machines as a single security domain, which is my
> > intent; with it, barring a bug in the kernel, I can in fact do so, and
> > do so safely.
> 
> So then perhaps the thing to do is add the -resvport option, and add
> a command argument to set -noresvport as the option if not otherwise
> specified?

Why should your use case take precedence over mine?


-- 
 Thor Lancelot Simon	                                      tls@rek.tjls.com
   But as he knew no bad language, he had called him all the names of common
 objects that he could think of, and had screamed: "You lamp!  You towel!  You
 plate!" and so on.              --Sigmund Freud