Date: Wed, 25 Oct 1995 06:27:33 -0700 From: "Jordan K. Hubbard" <jkh@time.cdrom.com> To: davidg@Root.COM Cc: mikebo@tellabs.com, hackers@freebsd.org, bugs@freebsd.org Subject: Re: 2.1.0-951020-SNAP: Major bug in NFS again! Message-ID: <27341.814627653@time.cdrom.com> In-Reply-To: Your message of "Tue, 24 Oct 1995 20:38:46 PDT." <199510250338.UAA27854@corbin.Root.COM>
next in thread | previous in thread | raw e-mail | index | archive | help
> This is obviously flamebait and I'm not going to respond to it. I don't think he meant it as flamebait, I read it as him simply trying to state a position (which he did at least mark with a "soapbox on", thus indicating that he knew it to be a contraversal issue) that if FreeBSD can't interoperate with the big boys, then people aren't going to praise FreeBSD for taking the high road, they're going to say that FreeBSD is crap because it can't even talk to the most popular workstation platform on the planet. I can at least see where he's coming from! > bypass the system security. Other commercial vendors are running old security > broken versions of NFS and this makes them wide open for security attacks. And I can see your point as well. Clearly, it's Sun that needs to clean their house and not us.. They've screwed the pooch and I hope Mike can at least understand the natural horror reaction at proposing we lobotomize our security just to cope with someone else's total lack of it. Maybe we can reach a compromise.. > The best I could offer you would be a kernel option to disable this > security, but I'll say right now that this *won't* be in the 2.1 release. I agree - 2.1 is simply too close, though I see no reason why the power-users won't be able to retrofit your solution from 2.2. Still, this strikes me as a problem we're going to see reported often enough that maybe we should make it a MIB variable instead of a kernel compile option, ala the net.inet.tcp.rfc* knobs we already support. Jordan
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?27341.814627653>