Date: Wed, 1 Apr 2009 02:34:58 -0500 From: Paul A Procacci <pprocacci@datapipe.net> To: "freebsd-questions@freebsd.org" <freebsd-questions@freebsd.org> Subject: mountd requests Message-ID: <49D31922.4040705@datapipe.net>
next in thread | raw e-mail | index | archive | help
Hey All, We have a shared nfs machine that is used between multiple client machines. While this in itself is ok, any client that issues a `showmount` command can see the other mounts that are currently established. I can't for the life of me figure out how this is a good thing. I big security related `no no` comes to mind whenever I see all mounts from all clients returned back to me from a client. Now, mountd doesn't have a `secure` option to turn this off, but I have developed an untested patch for doing this. I think the reasonable default behavior would be to return only mounts that the physical host making the request currently has established. I guess my real question is, has anyone ever been concerned by this? ~Paul This message may contain confidential or privileged information. If you are not the intended recipient, please advise us immediately and delete this message. See http://www.datapipe.com/emaildisclaimer.aspx for further information on confidentiality and the risks of non-secure electronic communication. If you cannot access these links, please notify us by reply message and we will send the contents to you.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?49D31922.4040705>