Return to BSD News archive
Path: euryale.cc.adfa.oz.au!newshost.carno.net.au!harbinger.cc.monash.edu.au!munnari.OZ.AU!news.ecn.uoknor.edu!solace!nntp.uio.no!newsfeed.nacamar.de!fu-berlin.de!news.th-darmstadt.de!news.swb.de!monad.swb.de!not-for-mail From: okir@monad.swb.de (Olaf Kirch) Newsgroups: comp.os.linux.networking,comp.unix.bsd.freebsd.misc,comp.unix.bsd.misc Subject: Re: NFS with free bsd and linux Followup-To: comp.os.linux.networking,comp.unix.bsd.freebsd.misc,comp.unix.bsd.misc Date: 30 Apr 1997 01:16:39 +0200 Organization: Labordy Cyfrifiadureg Olaf Lines: 21 Message-ID: <5k5vgn$aio@monad.swb.de> References: <33658E27.3EAD@them.com> <01bc5478$ca8a4800$f3e94dc2@hugo09.ticsoft.de> NNTP-Posting-Host: monad.swb.de X-Newsreader: TIN [UNIX 1.3 950515BETA PL0] Xref: euryale.cc.adfa.oz.au comp.os.linux.networking:77127 comp.unix.bsd.freebsd.misc:39963 comp.unix.bsd.misc:3118 Patrick M. Hausen (hausen@punkt.de) wrote: : Use a priviledged port for the mount - it's an option to mount(8), : something like -p or -P or similar. : Have a look at the manual page, I'm typing this from memory ;-) : : This is a - braindamaged, IMHO - way of Linux, Solaris an some : other Unices to "enhance security". You can see from the recent CERT advisory on BSD file handle guessing that it's not such a bad idea after all to make the server check the port number. If allowing your users to guess file handles _and_ present them to the server no questions asked qualifies at all, then it's for the `braindamaged' category. While I agree that minimal security is not all we should aim for, it's definitely better than none at all. Olaf -- Olaf Kirch | okir@monad.swb.de | Never trust a guy with a silicon brain.