[867] in linux-security and linux-alert archive
Re: [linux-security] A secure (?) nfs-server ?
daemon@ATHENA.MIT.EDU (Wietse Venema)
Mon Jul 1 14:31:42 1996
From: wietse@wzv.win.tue.nl (Wietse Venema)
To: aleipold@clark.net
Date: Sat, 29 Jun 96 22:28:53 MET DST
Cc: gander@defiant.vte.com, sandman@chiara.dei.unipd.it,
linux-security@tarsier.cv.nrao.edu
In-Reply-To: <Pine.SOL.3.93.960628202150.27862D-100000@clark.net>; from "aleipold@clark.net" at Jun 28, 96 8:23 pm
> Also, it does not check to see that the mount request originates from a
> reserved port (<1023). Slirp usually binds to ports between 30000-60000 for
> TCP/UDP connections.
When the server allows unprivileged NFS requests, any user-level NFS
client program is sufficient to grab the server's file systems. There
is no need to run a SLIRP connection for that.
Wietse