The problem is that famd is an application which accepts network connections, wants read access to every file that any user can access. If you want to have a secure system you don't want many such programs.
Surely it doesn't need access to the file contents - just to stat them, so access to directories (still a security issue, I agree).
Remote famd operation is only for non-polling notifications over the network. For most people having polling for file status changes on NFS will probably be OK.
I agree with disabling remote famd, but the original post appeared to be disabling the daemon entirely, which I expect would prevent local file monitoring too. Or do gnome/kde use dnotify directly?
Also, I thought RH/Fedora already shipped with remote famd disabled.
Cheers,
Martin.
