On Thu, Sep 25, 2008 at 08:35:26AM -0500, Tom Tucker wrote: > J. Bruce Fields wrote: >> This explanation is helpful, thanks. It would also be helpful if we >> could boil down the advice to just a sentence or two for the busy admin. >> Something like: unless you have card XYZ and kernel 2.6.y, do *not* use >> rdma on a network where you cannot trust every machine.... > > > Would it be better to say, "Do not use RDMA on a network where your > policy requires a security model stronger than tcp/auth_unix." I'm not worried about the case where the security provided is roughly equivalent to that provided by tcp/auth_unix. I'm worried about the non-"Fast Reg" case where I thought you were saying that the network could access memory other than that meant to hold rpc data. --b. -- To unsubscribe from this list: send the line "unsubscribe linux-nfs" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
