On Mon, 6 Dec 1999, Simon Burge wrote:

> I must be missing something really obvious here - don't the other
> filehandle routines also require root privs, so it's not as if a
> user process can do anything with a filehandle?  Why does getting a
> filehandle require root as well?

NFS.

Once you know a file's filehandle, you could create nfs requests to access
it.

The main reason for these restrictions is that the filehandle contains the
generation # of the file. For security reasons, we restrict access to this
value. _That_ is the reason getfh is restricted. :-)

Take care,

Bill