Bug#384922: NFS insecure without support for squashing multiple groups
Dear Jonathan,
>> NFSv4+krb is better only because ...
> Surely the ability to squash multiple uids is also a help. ;-)
Not when asking to squash groups. :-)
I thought that idmapd worked also with AUTH_SYS.
> Do I understand correctly that you are requesting an export or mountd
> option filter_gid, which would behave like --manage-gids except it
> transforms the effective gid to anongid when the specified gid is not
> a group the user belongs to? I haven't carefully looked over the
> protocol specs but at first glance that seems sensible.
Yes, my exact wish.
Thanks, Paul
Paul Szabo psz@maths.usyd.edu.au http://www.maths.usyd.edu.au/u/psz/
School of Mathematics and Statistics University of Sydney Australia
Reply to: