Subject: Re: enforcing /etc/exports
To: None <firstname.lastname@example.org>
From: Perry E. Metzger <email@example.com>
Date: 03/25/1997 11:39:54
> Unless NetBSD dismantled it (and I doubt that), the restrictions specified
> in /etc/exports are pushed down into the kernel and are checked for every
> RPC request. (There was a fairly recently fixed bug in the code that did
> cause a problem in certain situations. I can't remember if it allowed a
> security breach or not.)
> I don't know if the Linux nfs does this, but 4.4 BSD definitely did.
Cool. Of course, none of this prevents forged packet source
addresses. fsirand is still of use.