On 04/14/2015 03:39 PM, Gregory Boyce wrote: > On Tue, Apr 14, 2015 at 3:37 PM, Gregory Boyce <gregory.boyce@xxxxxxxxx> wrote: >> On Fri, Apr 10, 2015 at 3:04 PM Gregory Boyce <gregory.boyce@xxxxxxxxx> >> wrote: >>> >>> On Fri, Apr 10, 2015 at 2:45 PM, Trond Myklebust >>> <trond.myklebust@xxxxxxxxxxxxxxx> wrote: >>> >>>> No. You are not supposed to be able to work around security issues, >>>> and it is indeed a security issue when a client gets a reply from an >>>> IP address that it does not recognise as being the same as the one it >>>> sent an RPC to. >>> >>> "Working around" security issues is a rather common and accepted >>> practice when there are mitigating controls in place. It's never a >>> black and white world. >>> >> >> >> The attached patch was able to work around the issue for us until we can get >> the filers working in a more expected manner. I'm sending it along in case >> anyone else can find a use for it, or if you want to apply it in order to >> give people an option for cases like this. > > Re-sending since Google Inbox likes to default to HTML e-mail. > Could you please resend this patch using the proper Sign-off-by, subject and description formats as describe in https://www.kernel.org/doc/Documentation/SubmittingPatches steved. -- To unsubscribe from this list: send the line "unsubscribe linux-nfs" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
