On Mon, May 5, 2008 at 1:02 PM, J. Bruce Fields <bfields@xxxxxxxxxxxx> wrote: > > So the only thing missing would be to limit the port visibility > > of long-standing sockets; but this should probably be > > discussed in another thread if you think it's worth it? > > Is the only justification just to limit the consequences if a remote > exploit is found in statd? It will also make it a LOT easier to debug and understand. Discussions like this would have never existed given that binds would have been specific. -- // Janne -- To unsubscribe from this list: send the line "unsubscribe linux-nfs" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
