On Tue, 13 May 2025 at 15:50, Jeff Layton <jlayton@xxxxxxxxxx> wrote: > > Back in the 80's someone thought it was a good idea to carve out a set > of ports that only privileged users could use. When NFS was originally > conceived, Sun made its server require that clients use low ports. > Since Linux was following suit with Sun in those days, exportfs has > always defaulted to requiring connections from low ports. > > These days, anyone can be root on their laptop, so limiting connections > to low source ports is of little value. > > Make the default be "insecure" when creating exports. I'd request that you also rename the darn thing to "resvport" and "noresvport", and keep "insecure"+"secure" as a depreciated alias around. if you do that you'll get a Reviewed-by: Cedric Blancher <cedric.blancher@xxxxxxxxx> Ced -- Cedric Blancher <cedric.blancher@xxxxxxxxx> [https://plus.google.com/u/0/+CedricBlancher/] Institute Pasteur
