Paul A Procacci
pprocacci at datapipe.net
Wed Apr 1 00:36:18 PDT 2009
We have a shared nfs machine that is used between multiple client
machines. While this in itself is ok, any client that issues a
`showmount` command can see the other mounts that are currently
established. I can't for the life of me figure out how this is a good
thing. I big security related `no no` comes to mind whenever I see all
mounts from all clients returned back to me from a client. Now, mountd
doesn't have a `secure` option to turn this off, but I have developed an
untested patch for doing this. I think the reasonable default behavior
would be to return only mounts that the physical host making the request
currently has established.
I guess my real question is, has anyone ever been concerned by this?
This message may contain confidential or privileged information. If you are not the intended recipient, please advise us immediately and delete this message. See http://www.datapipe.com/emaildisclaimer.aspx for further information on confidentiality and the risks of non-secure electronic communication. If you cannot access these links, please notify us by reply message and we will send the contents to you.
More information about the freebsd-questions