On 29 Sep 2017, at 17:22, George Ross <gdmr(a)inf.ed.ac.uk> wrote:
I dunno why all the hating on diskless. They actually
work, I used the
heck out of them.
The issue we (initially) had with Suns wasn't the stateful/stateless debate,
or indeed that they were discless. It was that horrible "UNIX
authentication" that NFS used.
When I was a summer intern at Sun in ’87, it was common knowledge among the staff that
anyone could find out what hosts an NFS file server trusted by using tftp, which was
installed by default, and anonymously grabbing /etc/exports (or guessing hostnames if you
can’t get the definitive list).
Then you just go “hostname trusted-hostname ; mount -t nfs sever:/dir ; hostname
original-hostname” to mount that file system.
That’s right: the NFS server TRUSTED the NFS client to tell it what it felt like its
hostname should be at that particular instant in time!!! If the name the client sent in
the parameter to the mount rpc call was listed in /etc/exports, then the server returned a
file handle to the client for it to use from then on, even after changing its hostname
back!
I was able to nfs-mount a directory on one of cs.cmu.edu's servers from sun.com’s
network with no problem. Ron may remember me warning him about that!
-Don