Does anybody know who uses SM_SIMU_CRASH and is it still needed? I'm getting some push back from our security folks to plug this DoS hole up...
How is it a DoS? statd ignores any SM_SIMU_CRASH from a non-loopback address that does not use a privileged port. To invoke it, you basically have to be a privileged local user.
Right now, no one uses it, but I think we should reserve the right to use it in the future. This could be part of a more robust interface between lockd and statd.
-- Chuck Lever -- To unsubscribe from this list: send the line "unsubscribe linux-nfs" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
