On Mon, Aug 12, 2013 at 04:25:45PM +0000, Parisi, Justin wrote:
On a side note, this option is set to disabled in clustered Data ONTAP by default.
So, it would appear that the default security model has changed almost silently with NFSv4.
With NFSv3, nfs.mount_rootonly is true by default and ensured the clients ports were privilaged. This is good.
With NFSv4, the above setting is not used, and mounts from non-privilaged ports is allowed by default. This is bad. At some time in 8.1, nfs.nfs.rootonly was introduced, but the default setting is off which still makes it bad.
With the nfs.nfs_rootonly setting being false, any user on the client machine can gain access to any filesystem the filer exports to that cleint as any user.
Am I the only person who things this is unreasonable?
Now, before anybody starts, I know that NFSv4 has other security models that fix this problem. Thats not the point here. I think the default settings should give he best security they can.
Regards, pdg