From: bfields@fieldses.org (J. Bruce Fields)
To: Chuck Lever <chucklever@gmail.com>
Cc: Guillem Jover <gjover@sipwise.com>,
libtirpc List <libtirpc-devel@lists.sourceforge.net>,
Linux NFS Mailing List <linux-nfs@vger.kernel.org>
Subject: Re: [PATCH] Do not bind to reserved ports registered in /etc/services
Date: Thu, 8 Mar 2018 15:24:23 -0500 [thread overview]
Message-ID: <20180308202423.GA16485@fieldses.org> (raw)
In-Reply-To: <CAFMMQGtt_u19RoCyQAQEaSZRXu3WQ-YSKu4u1BtKtJnaTQbKYw@mail.gmail.com>
On Tue, Mar 06, 2018 at 01:09:01PM -0500, Chuck Lever wrote:
> Note that neither of these solutions addresses the largest consumer
> of dynamically-assigned reserved ports: the kernel NFS client. The
> only way we have to address that today is the "noresvport" mount
> option. (We could make that the default for Kerberos mounts).
Makes sense to me.
Looks like knfsd's not helpful here, though: the export option
("secure"/"insecure") defaults to "secure", which always requires a low
port. It should be easy to modify "secure" to mean "require low ports
only for auth_sys/auth_null", and that's probably the right thing to do.
--b.
next prev parent reply other threads:[~2018-03-08 20:24 UTC|newest]
Thread overview: 19+ messages / expand[flat|nested] mbox.gz Atom feed top
2018-01-10 0:49 [PATCH] Do not bind to reserved ports registered in /etc/services Guillem Jover
2018-01-11 15:18 ` Steve Dickson
2018-01-12 18:41 ` Guillem Jover
2018-01-12 19:12 ` [Libtirpc-devel] " Thorsten Kukuk
2018-01-12 19:19 ` Tom Talpey
2018-02-08 18:07 ` Chuck Lever
2018-02-08 18:36 ` Chuck Lever
2018-03-06 18:09 ` Chuck Lever
2018-03-08 20:24 ` J. Bruce Fields [this message]
2018-03-08 21:26 ` J. Bruce Fields
2018-03-08 21:28 ` [Libtirpc-devel] " Chuck Lever
2018-03-08 21:35 ` Bruce Fields
2018-01-11 15:50 ` Chuck Lever
2018-01-12 18:05 ` Guillem Jover
2018-01-12 19:12 ` Chuck Lever
2018-01-12 21:12 ` [Libtirpc-devel] " Thorsten Kukuk
2018-01-12 21:14 ` Chuck Lever
2018-01-12 21:30 ` Matt Benjamin
2018-01-12 22:08 ` Steve Dickson
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20180308202423.GA16485@fieldses.org \
--to=bfields@fieldses.org \
--cc=chucklever@gmail.com \
--cc=gjover@sipwise.com \
--cc=libtirpc-devel@lists.sourceforge.net \
--cc=linux-nfs@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.