>  Note that the -alldirs option should not be used as a security
>  measure to make clients mount only those subdirectories that they
>  should have access to. A client can still access the whole
>  filesystem via individual RPCs if it wanted to, even if just one
>  subdirectory has been mounted

can't we leverage vn_isunder() to provide a little bit of the security
that this paragraph says is not possible?  or am i confusing too many
different things?

-- 
|-----< "CODE WARRIOR" >-----|
codewarrior@daemon.org             * "ah!  i see you have the internet
twofsonet@graffiti.com (Andrew Brown)                that goes *ping*!"
andrew@crossbar.com       * "information is power -- share the wealth."