diff options
author | Neil Brown <neilb@suse.de> | 2007-03-15 15:38:35 +1100 |
---|---|---|
committer | Neil Brown <neilb@suse.de> | 2007-03-15 15:38:35 +1100 |
commit | dad50c0e589b5651242de50e81200b036d995b73 (patch) | |
tree | 9bf2a9ffe6a364a426519a4657b545549c8e1f95 /configure.in | |
parent | c40336aa88c7a914227cc751118e165e985c2b78 (diff) | |
download | nfs-utils-dad50c0e589b5651242de50e81200b036d995b73.tar.gz nfs-utils-dad50c0e589b5651242de50e81200b036d995b73.tar.xz nfs-utils-dad50c0e589b5651242de50e81200b036d995b73.zip |
Make --enable-secure-statd the default.
i.e. you now need --disable-secure-statd if you want any client
other than lockd to talk to statd.
Also relax the RESTRICTED_STATD checks so that a recent kernel
with /proc/sys/fs/nfs/nsm_use_hostnames set can still talk to
statd.
Finally, restrict access to simulate_crash so that only privileged
processes on localhost can call it. Having it accessible by the
whole world is probably not much more than a minor inconvenience,
but it really should be kept closed.
Diffstat (limited to 'configure.in')
-rw-r--r-- | configure.in | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/configure.in b/configure.in index c0148bd..258188a 100644 --- a/configure.in +++ b/configure.in @@ -91,7 +91,7 @@ AC_ARG_ENABLE(secure-statd, [AC_HELP_STRING([--enable-secure-statd], [Only lockd can use statd (security)])], test "$enableval" = "yes" && secure_statd=yes, - secure_statd=no) + secure_statd=yes) if test "$secure_statd" = yes; then AC_DEFINE(RESTRICTED_STATD, 1, [Define this if you want to enable various security checks in statd. These checks basically keep anyone but lockd from using this service.]) fi |