From owner-freebsd-security  Tue Jan 30 17:10:41 2001
Delivered-To: freebsd-security@freebsd.org
Received: from vexpert.dbai.tuwien.ac.at (vexpert.dbai.tuwien.ac.at [128.130.111.12])
	by hub.freebsd.org (Postfix) with ESMTP id 1911637B6A9
	for <freebsd-security@freebsd.org>; Tue, 30 Jan 2001 17:10:24 -0800 (PST)
Received: from deneb.dbai.tuwien.ac.at (deneb [128.130.111.2])
	by vexpert.dbai.tuwien.ac.at (8.11.1/8.11.1) with ESMTP id f0V1ALe05845;
	Wed, 31 Jan 2001 02:10:21 +0100 (MET)
Received: from localhost (pfeifer@localhost)
	by deneb.dbai.tuwien.ac.at (8.11.1/8.11.1) with ESMTP id f0V1AJX75052;
	Wed, 31 Jan 2001 02:10:20 +0100 (CET)
	(envelope-from pfeifer@dbai.tuwien.ac.at)
X-Authentication-Warning: deneb.dbai.tuwien.ac.at: pfeifer owned process doing -bs
Date: Wed, 31 Jan 2001 02:10:19 +0100 (CET)
From: Gerald Pfeifer <pfeifer@dbai.tuwien.ac.at>
To: <freebsd-security@freebsd.org>
Cc: <admin@dbai.tuwien.ac.at>
Subject: nfsd lacks support for tcp_wrapper
Message-ID: <Pine.BSF.4.32.0101302048060.89689-100000@taygeta.dbai.tuwien.ac.at>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org

Unless we completely missed something, nfsd does lack support for
tcp_wrapper, doesn't it?

As NFS is a rather critical security-wize this seems like a big omission.

(Many sites, like ours, just cannot avoid using NFS, so it would be nice
to be able to easily restrict the address range clients are allowed to
connect from.)

Or are we just missing something?

Gerald
-- 
Gerald "Jerry" pfeifer@dbai.tuwien.ac.at http://www.dbai.tuwien.ac.at/~pfeifer/



To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message