Re: tcpwrapped rpcbind/portmap?

From: Reg Quinton (reggers@ist.uwaterloo.ca)
Date: 08/17/01


Message-ID: <00a401c1274c$4a979390$9d6c6181@uwaterloo.ca>
From: "Reg Quinton" <reggers@ist.uwaterloo.ca>
To: "Geoff Collis" <geoff@andale.com>, <focus-sun@securityfocus.com>
Subject: Re: tcpwrapped rpcbind/portmap?
Date: Fri, 17 Aug 2001 14:41:55 -0400


> I believe I need "rpcbind" to allow my secured host to NFS mount the NFS
> shares on my Network Appliance file servers.

You do not need to run rpcbind or any RPC services to be an NFS client. You
need to run a wack of RPC services if you're an NFS server. To prove that
I just killed off rpcbind on my Solaris 8 desktop and was still able to succesfully
do an NFS mount of one of our NetApps. I have rpcbind running but the only
service it offers up is the legato client (required to backup my machine).

If you're after *other* NFS related services (like NFS file locks, automounter,
etc.) then you may need some RPC services. But an NFS client does not need
rpcbind or any other local RPC services.

See the discussion at http://ist.uwaterloo.ca/security/howto/2000-09-19/
and http://ist.uwaterloo.ca/security/howto/1999-06-23.html

I hope this helps.