Subject: Re: enforcing /etc/exports
To: None <rick@snowhite.cis.uoguelph.ca>
From: Perry E. Metzger <perry@piermont.com>
List: tech-kern
Date: 03/25/1997 11:39:54
rick@snowhite.cis.uoguelph.ca writes:
> Unless NetBSD dismantled it (and I doubt that), the restrictions specified
> in /etc/exports are pushed down into the kernel and are checked for every
> RPC request. (There was a fairly recently fixed bug in the code that did
> cause a problem in certain situations. I can't remember if it allowed a
> security breach or not.)
>
> I don't know if the Linux nfs does this, but 4.4 BSD definitely did.
Cool. Of course, none of this prevents forged packet source
addresses. fsirand is still of use.
Perry