In message <0B8BADD7-31EF-11D9-ACC4-000A957650EC@shagadelic.org>,
Jason Thorpe writes:


>Am I the only one who thinks that the privileged port requirement (that 
>can be disabled on a per-export basis with -noresvport) is just a 
>little silly in this day and age?
>
>I would really like to make -noresvport the default, and maybe add a 
>-resvport option for people who are under the false impression that the 
>privileged port requirement actually buys them extra security.

Do remember that there are environments where it's _not_ a false
impression... rare and getting rarer, but not an empty set.


>Thoughts?

Client-side NFS, or server, or both?

I was decidely miffed when I found out that some thoughtless removed
the old -P/-p support between 1.6 and 2.0: I had used that to emulate
tens of thousands of simultaneous NFS-mounts of the same export point.
(Tens of thousands of "privileged" ports on a single machine being in,
um, rather short supply).