[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: Buyer Beware: A Major Change in NFS (in Rawhide) is about to happen




On 10/29/2009 11:17 AM, Gregory Maxwell wrote:
> On Mon, Oct 26, 2009 at 1:13 PM, Steve Dickson <SteveD redhat com> wrote:
>> On a pre F-12 Server:
>>   2) Added the '/ *(ro,fsid=0)' entry to the /etc/exportsfile and
>>      reset the exports with 'exportfs -arv' (see exports(5) for details).
> 
> 
> *Please* stop recommending this to people.
> 
> This is a myopic configuration change which will violate the security
> assumptions of almost any system out there.   It's not what
> practically anyone wants. Arguably the exports tool should even
> prohibit this kind of configuration unless you set some
> yes-I-really-intend-to-be-completely-insecure knob, it's certainly not
> something that should be recommended as a fix for "help! nfs stopped
> working when I upgrade to F13".
> 
I guess I just have confidence that people understand what
they are doing... sorry...

steved.
 


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]