Re: proposed patch to rpcbind to provide finer-grained security controls than offered by the -i option

On Dec 9, 2010, at 3:49 PM, Andrew J. Schorr wrote:

> Hi,
> 
> The current rpcbind -i option seems to relax 3 different security requirements.
> If the user wants to allow any one of the three, he is forced to allow
> all 3.
> 
> The attached patch introduces 3 new options (-c, -r, and -u) to break this
> down to give the user control of which security requirements to relax.
> 
> This patch compiles, but has not been tested yet.  If there is any
> interest in accepting this, I will of course test it. :-)  But it's fairly
> basic, so I thought I'd gauge the interest level first.  Steve
> Dickson from Redhat suggested that I post here to discuss this issue
> regarding https://bugzilla.redhat.com/show_bug.cgi?id=481422

Looking over the bug...

It sounds like your application is trying to use glibc's RPC implementation with rpcbind.  If you build your application with libtirpc instead, it should use an AF_UNIX socket to contact rpcbind instead of loopback.  The AF_UNIX socket carries some authentication information with the registration request.  All users of your application would be allowed to set or unset RPC registrations in that case.

-- 
Chuck Lever
chuck[dot]lever[at]oracle[dot]com



