I just read a post in comp.security.unix entitiled "widespread security hole in exporting of filesystems" which claims there are ways to break into a system that has filesystems exported to itself. Does anyone know anything about this? The post said "the trick is to make RPC requests via the portmapper, in such a way that they appear to the mount daemon to be coming from within the host itself." The post mentions a program that is "out there" to exploit this hole. If anyone has any knowledge of this, could you please post instructions on how to test for this. thanks, -- # Baba Z Buehler # Beckman Institute Systems Services, Urbana Illinois # # "How come that big box of bright ideas you sent # me is the one they say fell off the truck?" -- Butch Hancock # # WWW: http://www.beckman.uiuc.edu/groups/biss/people/baba/ # PGP Public Key available via finger baba@beckman.uiuc.edu