From owner-freebsd-current@freebsd.org Tue Oct 20 00:56:16 2020 Return-Path: Delivered-To: freebsd-current@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 4A7E043955F for ; Tue, 20 Oct 2020 00:56:16 +0000 (UTC) (envelope-from rmacklem@uoguelph.ca) Received: from CAN01-TO1-obe.outbound.protection.outlook.com (mail-to1can01on0614.outbound.protection.outlook.com [IPv6:2a01:111:f400:fe5d::614]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "mail.protection.outlook.com", Issuer "GlobalSign Organization Validation CA - SHA256 - G3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4CFZv25f9kz4QCm for ; Tue, 20 Oct 2020 00:56:11 +0000 (UTC) (envelope-from rmacklem@uoguelph.ca) ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=CnGf/qpsRj+ibtj4cnNgG5i2/2YVSzgGwNUTBIySPNmlpBzfoWLDhaB8t8hAv5e/vmK3O9pcfmMY3EjJPlFtyVDksqA+vwMjS+Met7l+GDzpy+u2OqU5KnpK1D8v9SJRucMfh7iyjq3LXM1iPzSbVmVlgdZdhmbdPbURWuKWCPtVffnc/MX2Kqlp9bH1NsBwFxX3xsEPex77Kl2tAPOU43T2wguxdTDo5qEMz1i+RMN/gVXVok3ouVT88k7LsEEhwY7IWCW68T/4FJgCYCKdhK352auTkf7AxY3XwFjtot8sLUR8m99Hqhvg9Xa/maJEPuo0jOL8UnN6/uRc0uTDvQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=anRt9PwklLxxHxsjSnXeLZ9v5fp4ANowKKgliJj7flE=; b=GX0q4fGPokpfRxzdM/EMe7hIEdgZqFaWZ10mmm3NM3RcHzpfaUQ7c0D4TkrzPS8rmeWNGO6Mmf7RqoK5/8KzhG68lscszCqvlBH95nbVRoLAn6Ap/0QA5tSEFSfsCRnaV7pDW6U/p5o9psiNTphcZR52AmnpOvEYnU9FavI1Bt3UzBYq+KkGQVKmnatMqBIlkTd9j3crJLo8P5KzhuVfP0fjgIXL6i87KbVDQUCUz2E3pcKBbMVo/F52OhYQCPJYxNpTaR4d9hXKh3cJr6r56I0x1QtrAlMOwhuRGSXkmj5mBqqfxOyeeyXgHQts/8l/HWyJ69Cqm6PthNwmnv7prw== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=uoguelph.ca; dmarc=pass action=none header.from=uoguelph.ca; dkim=pass header.d=uoguelph.ca; arc=none Received: from YTBPR01MB3966.CANPRD01.PROD.OUTLOOK.COM (2603:10b6:b01:24::27) by YTXPR0101MB2141.CANPRD01.PROD.OUTLOOK.COM (2603:10b6:b00:2::13) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.3477.24; Tue, 20 Oct 2020 00:56:04 +0000 Received: from YTBPR01MB3966.CANPRD01.PROD.OUTLOOK.COM ([fe80::687f:d85a:a0a3:bd20]) by YTBPR01MB3966.CANPRD01.PROD.OUTLOOK.COM ([fe80::687f:d85a:a0a3:bd20%6]) with mapi id 15.20.3477.028; Tue, 20 Oct 2020 00:56:04 +0000 From: Rick Macklem To: "freebsd-current@FreeBSD.org" Subject: review of new mountd option disabling use of rpcbind Thread-Topic: review of new mountd option disabling use of rpcbind Thread-Index: AQHWpnttt8iTz/9j60mb0Wbz7GHaDg== Date: Tue, 20 Oct 2020 00:56:04 +0000 Message-ID: Accept-Language: en-US Content-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: x-ms-publictraffictype: Email x-ms-office365-filtering-correlation-id: 9973b721-0d68-446c-b0ea-08d87492ebd5 x-ms-traffictypediagnostic: YTXPR0101MB2141: x-microsoft-antispam-prvs: x-ms-oob-tlc-oobclassifiers: OLM:9508; x-ms-exchange-senderadcheck: 1 x-microsoft-antispam: BCL:0; x-microsoft-antispam-message-info: 2Pj39+VsgASCYsMB7XHOmdkTRkDAE3sXiHl3oUbWQ7eEmosk3xfxzQppirLMPiFkQlOzH9YfGBzCiQvl8KcjgqRhN3lEgjMSDjENRch+HGV5HiyaiRUoHMk1zsdN2RKpaVvGVt+ZXLZt6xEZnASB+aw87pEVCuHv18DI2qZmWqlBqM2EtfQD+4PQ+i1/kvQT7zfTH1DD5v2DUiQ4nQn0UURTMALGq1+9CZUmCyI5yhJc+DlrUCHEJfFvaW9124Cuh+sQiYZdS0yTMNc2rXYYgzrt/8R3RXqzKLE2bmkzeRY9WR3+2H4IOOm2m2n9Y1JJiw8PnjlKDxl6uQcOIimIxA== x-forefront-antispam-report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:YTBPR01MB3966.CANPRD01.PROD.OUTLOOK.COM; PTR:; CAT:NONE; SFS:(39860400002)(136003)(376002)(366004)(346002)(396003)(76116006)(52536014)(55016002)(786003)(316002)(8676002)(83380400001)(66556008)(64756008)(66476007)(6506007)(186003)(71200400001)(66446008)(66946007)(86362001)(8936002)(6916009)(33656002)(9686003)(478600001)(7696005)(4744005)(5660300002)(2906002); DIR:OUT; SFP:1101; x-ms-exchange-antispam-messagedata: hqMpWYknC3gI/Lf400XnsMEdeM9usg+/MVHw/hRzJziMQFiC8bC/0CBNAG8Yqm6sXu/LOpAdlQ3CIXNPOnmSqzuy4MoHjDVFhf4EBe8bKJw2koL1QHvifh2j+5HiHHbftJ6xTimIVPlogIpCY4pwYlM7DqaId8Ui0M2NOttljRxpjQ/UKeP+tfhb3CvjjxBSSIsjpaZfNGPrYYT7TxxHndnDJWB+hLDiCdUCl25tznFx+eM/Od//QgjKP63uJ70g0hEg7AW3xcvV/a/7hG+YR1AMAzei5LMYU2E0/KKlgcByHNkg8XzkCGuKZEUue5bxvYSWlSdVfDZxf8qPIEpdyzPfSlp2xwgx6vG/a7OxGbxnjp0lOyxBs9oFSK5AvRaQZxNyx0AOAEnxsSJ6TGDiHma0j3bLYWEgeQycLcJ4S92sSgoAL/e9PiWc6ZPyfJhc81HqKMxxHNrr5Mii5IpnPlyyyj3+GkjyA/YsM2+oewFFMDm9hFn3ZhbxQaoS6cD0GMKiyKrjTkTgJ1L2AgD5C8HxJkaKzXU0un/CxoAyICtYmWTWzFJIg9J13WXh6FadDQlG7Q11pF/mMBVlKOcdIXukp2WJEqnE2WFH6uGDI7zMvW3MDcumsr0w1Axs4l/C6KALQEm6J71FGYkI/3XQGXjkJbWL4clf4oPUkO7RPRWWgsf2WElU6P9oMJ3aWOX52CHZNqxbx2Fdu4c3ywD0eQ== x-ms-exchange-transport-forked: True Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable MIME-Version: 1.0 X-OriginatorOrg: uoguelph.ca X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-AuthSource: YTBPR01MB3966.CANPRD01.PROD.OUTLOOK.COM X-MS-Exchange-CrossTenant-Network-Message-Id: 9973b721-0d68-446c-b0ea-08d87492ebd5 X-MS-Exchange-CrossTenant-originalarrivaltime: 20 Oct 2020 00:56:04.2833 (UTC) X-MS-Exchange-CrossTenant-fromentityheader: Hosted X-MS-Exchange-CrossTenant-id: be62a12b-2cad-49a1-a5fa-85f4f3156a7d X-MS-Exchange-CrossTenant-mailboxtype: HOSTED X-MS-Exchange-CrossTenant-userprincipalname: rY05nKywH0kCia5bJcOLv2/onlhMpfFvxH+h4YFPWAG96lTsEqNXbIItigDaxh6lXd4SndC4KD+/AneawXWkrw== X-MS-Exchange-Transport-CrossTenantHeadersStamped: YTXPR0101MB2141 X-Rspamd-Queue-Id: 4CFZv25f9kz4QCm X-Spamd-Bar: ----- X-Spamd-Result: default: False [-5.47 / 15.00]; NEURAL_HAM_MEDIUM(-1.01)[-1.010]; R_DKIM_ALLOW(-0.20)[uoguelph.ca:s=selector1]; FREEFALL_USER(0.00)[rmacklem]; FROM_HAS_DN(0.00)[]; TO_MATCH_ENVRCPT_ALL(0.00)[]; R_SPF_ALLOW(-0.20)[+ip6:2a01:111:f400::/48]; MIME_GOOD(-0.10)[text/plain]; NEURAL_HAM_LONG(-1.01)[-1.005]; RCPT_COUNT_ONE(0.00)[1]; DWL_DNSWL_LOW(-1.00)[uoguelph.ca:dkim]; RCVD_COUNT_THREE(0.00)[3]; DKIM_TRACE(0.00)[uoguelph.ca:+]; DMARC_POLICY_ALLOW(-0.50)[uoguelph.ca,none]; NEURAL_HAM_SHORT(-0.46)[-0.455]; TO_DN_EQ_ADDR_ALL(0.00)[]; FROM_EQ_ENVFROM(0.00)[]; MIME_TRACE(0.00)[0:+]; RCVD_TLS_LAST(0.00)[]; ASN(0.00)[asn:8075, ipnet:2a01:111:f000::/36, country:US]; ARC_ALLOW(-1.00)[microsoft.com:s=arcselector9901:i=1]; MAILMAN_DEST(0.00)[freebsd-current] X-BeenThere: freebsd-current@freebsd.org X-Mailman-Version: 2.1.33 Precedence: list List-Id: Discussions about the use of FreeBSD-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 20 Oct 2020 00:56:16 -0000 Hi,=0A= =0A= I've put a patch up on phabricator that adds a new option to mountd=0A= which disables use of rpcbind. This can be done for NFSv4 only servers.=0A= It appears that rpcbind is now considered a security risk by some.=0A= =0A= I listed freqlabs@ as a reviewer, but if anyone else would like to review= =0A= it, please do so. (Someone has reviewed the man page update already.=0A= Thanks bcr@.)=0A= =0A= It's D26746.=0A= =0A= rick=0A=