Manualshelf

nfs_portmon.5 (2010 09)

ManualsBrandsHP ManualsSoftwareHP-UX Manpages
12
n
nfs_portmon(5) nfs_portmon(5)
(Tunable Kernel Parameters)
NAME
nfs_portmon - enable/disable the NFS server’s source port verification check
VALUES
Failsafe
0
Default
0
Allowed values
Minimum: 0 - disable checking
Maximum:
1 - enable checking
DESCRIPTION
nfs_portmon controls some security checking that the NFS server can do in an attempt to enforce
integrity on the part of its clients. The NFS server can check to see whether the source port from which a
request was sent is a reserved port; a reserved port is a port whose port number is less then 1024. For
BSD-based systems, these ports are reserved for processes being run by privileged users. This checking
helps prevent users from writing their own RPC-based applications which defeat the access checking that
the NFS server uses.
Who Is Expected to Change This Tunable?
The distributed file system administrator should examine the value of this parameter if he or she wishes
to prevent malicious users from gaining access to files by using an NFS server they would not ordinarily
be able to access.
Restrictions on Changing
The
nfs_portmon tunable is dynamic; any change will take effect immediately on the running system.
The reserved port notion is not universally supported. Therefore, interoperability problems might result if
this checking is enabled.
What Are the Side Effects of Enabling This Check?
Some NFS clients may not be able to connect to the NFS server.
WARNINGS
All HP-UX kernel tunable parameters are release specific. This parameter may be removed or have its
meaning changed in future releases of HP-UX.
Installation of optional kernel software, from HP or other vendors, may cause changes to tunable parame-
ter values. After installation, some tunable parameters may no longer be at the default or recommended
values. For information about the effects of installation on tunable values, consult the documentation for
the kernel software being installed. For information about optional kernel software that was factory
installed on your system, see HP-UX Release Notes at http://www.hp.com/go/hpux-core-docs
.
AUTHOR
nfs_portmon was developed by Sun Microsystems, Inc.
SEE ALSO
kctune(1M), sam(1M), gettune(2), settune(2).
HP-UX 11i Version 3: September 2010 1 Hewlett-Packard Company 1

Summary of content (2 pages)