Date: Wed, 1 Apr 2009 02:34:58 -0500 From: Paul A Procacci <pprocacci@datapipe.net> To: "freebsd-questions@freebsd.org" <freebsd-questions@freebsd.org> Subject: mountd requests Message-ID: <49D31922.4040705@datapipe.net>
next in thread | raw e-mail | index | archive | help
Hey All, We have a shared nfs machine that is used between multiple client machines. While this in itself is ok, any client that issues a `showmount` command can see the other mounts that are currently established. I can't for the life of me figure out how this is a good thing. I big security related `no no` comes to mind whenever I see all mounts from all clients returned back to me from a client. Now, mountd doesn't have a `secure` option to turn this off, but I have developed an untested patch for doing this. I think the reasonable default behavior would be to return only mounts that the physical host making the request currently has established. I guess my real question is, has anyone ever been concerned by this? ~Paul This message may contain confidential or privileged information. If you ar= e not the intended recipient, please advise us immediately and delete this = message. See http://www.datapipe.com/emaildisclaimer.aspx for further info= rmation on confidentiality and the risks of non-secure electronic communica= tion. If you cannot access these links, please notify us by reply message a= nd we will send the contents to you.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?49D31922.4040705>