NetBSD-Users archive
Re: access control for mountd, statd, and lockd?
Hi--
On Feb 7, 2010, at 11:02 AM, Steven Bellovin wrote:
> It would certainly take unusual code, like what mountd has. Should there be
> libwrap code in the RPC library? Should an optional port-number mapping file
> be consulted by svc_create? I'm unhappy with the thought of network services
> with no access control at all.
Perhaps the new owners of Sun might be willing to license SecureRPC code under
more open terms? At least, RFC-2203 is publicly available if someone wants to
roll their own implementation; and I've heard rumors to the effect that Linux
might have a GPL'ed implementation.
Otherwise, DCE from the OSF folks might be a reasonable alternative.
As I'm sure you know, NFS and the RPC services were designed for situations
where the machines doing filesharing can trust each other and can also trust
the network to not be compromised-- things like ethernet MAC spoofing and
replay attacks against NFS servers have had a long and grubby history of easy
security exploits. If you don't want to trust the local network, then it's not
too difficult to use OpenVPN or SSH tunneling to create a secure tunnel in
which you can do RPC and NFS more safely.
Regards,
--
-Chuck