At 09:56 AM 5/20/2008, J. Bruce Fields wrote: >> MHO is that it's important but not urgent, and it should be part of a later >> change. At Connectathon, no clients were sending any problematic requests, >> so I think it's unlikely this will affect us in the wild, for now. > >Somewhere in the documentation, a really clear warning about the >security assumptions would be useful. It could also help if the howto >(on the web and in Documentation/filesystems/nfs-rdma.txt) included any >instructions on necessary firewalling, etc. Agreed. The kernel (/proc) parameters are part of this, and it's time to spell them all out as well. The protocol hardening we're talking about above isn't a security issue, of course. It's just basic and part of the implementation. The client, btw, has some fairly strict checking. >By the way, the Kconfig help text for SUNRPC_XPRT_RDMA looks like it >needs an update to mention the server? You're right - it only mentions the client. I thought we added that text when we simplified/collapsed the config. Tom. -- To unsubscribe from this list: send the line "unsubscribe linux-nfs" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
