Buyer Beware: A Major Change in NFS (in Rawhide) is about to happen
Steve Dickson
SteveD at redhat.com
Thu Oct 29 15:20:21 UTC 2009
On 10/29/2009 11:17 AM, Gregory Maxwell wrote:
> On Mon, Oct 26, 2009 at 1:13 PM, Steve Dickson <SteveD at redhat.com> wrote:
>> On a pre F-12 Server:
>> 2) Added the '/ *(ro,fsid=0)' entry to the /etc/exportsfile and
>> reset the exports with 'exportfs -arv' (see exports(5) for details).
>
>
> *Please* stop recommending this to people.
>
> This is a myopic configuration change which will violate the security
> assumptions of almost any system out there. It's not what
> practically anyone wants. Arguably the exports tool should even
> prohibit this kind of configuration unless you set some
> yes-I-really-intend-to-be-completely-insecure knob, it's certainly not
> something that should be recommended as a fix for "help! nfs stopped
> working when I upgrade to F13".
>
I guess I just have confidence that people understand what
they are doing... sorry...
steved.
More information about the fedora-devel-list
mailing list