On Mon, Jan 19, 2009 at 4:06 PM, Patrice Dumas <pertusus@xxxxxxx> wrote:
In fact the control is in mountd. In nfs-utils-1.1.4-6 in FC10 ./utils/mountd/auth.c call
auth_authenticate which call client_resolve that do the check forward/reverse lookup via the
call to get_reliable_hostbyaddr in ./support/export/hostname.c. And this is in the upstream release.
Regards
On Mon, Jan 19, 2009 at 09:08:11AM -0500, Steve Dickson wrote:
> The discussion about the fact mountd (statd) no longer accept connections fromThis is not a change in tcp_wrapper, but in nfs-utils. And as far as I
> unknown IP address (similar to other system daemon) due to a "fix" in the tcp
> wrapper code is at:
can tell this is not already upstream, so this looks like (but I may
be wrong) a fedora specific change in mountd.
I think that it is a very questionable change. Maybe it makes sense
for NFSv4 (but is mountd involved in NFSv4?), but for NFSv3, it
doesn't make sense to me, since there is no security at all in any
case.
I may very well be missing something, though.
In fact the control is in mountd. In nfs-utils-1.1.4-6 in FC10 ./utils/mountd/auth.c call
auth_authenticate which call client_resolve that do the check forward/reverse lookup via the
call to get_reliable_hostbyaddr in ./support/export/hostname.c. And this is in the upstream release.
Regards
-- fedora-devel-list mailing list fedora-devel-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-devel-list
