On Sat, August 30, 2008 6:56 am, Chuck Lever wrote: > A little follow-up here. > > Steve and I looked at the nfs-utils-1.1.3 RPM for Fedora today. I did > an "rpmbuild -bc" and looked at it's config.h, and RESTRICTED_STATD is > defined as 1. So it uses the default. > > Looking at the code, it appears that when RESTRICTED_STATD is set, > NL_ADDR() is always going to be the loopback address. Neil, is that > your understanding of this code? > Nearly. If RESTRICTED_STATD is defined (to anything), MON, UNMON, UNMON_ALL and SIMU_CRASH are only honour if they come from 127.0.0.1, so the callback address (NL_ADDR) for any service that statd is monitoring will always be local. Only NOTIFY can come from other hosts (to tell us they rebooted). Also, only the lockd callback service is recognised. If any service other than lockd registers a callback it will be ignored, even if it is from localhost. This last point is the only bit that could conceivably cause a problem. However we don't really want any user to be able to request a callback to any random service.... I wonder if anyone uses for statd for anything but lockd, and how could we know? NeilBrown -- To unsubscribe from this list: send the line "unsubscribe linux-nfs" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
