> Is it?  My feeling - deriving largely from my experience - is that NFS
> is far more likely to be deployed in a private internal network than
> over relatively attackable networks like the open Internet.  Do you
> have reason to think that feeling is wrong in the large, that "new NFS
> installations" predominantly have threat models where on-the-wire
> attacks are significant enough for them to find NFSv3 unacceptable?
> (Honestly, my guess would be that most of them have not even formulated
> their threat model.)
The problem with NFSv3 is that the server believes the client.
So, if one of my 150 clients gets compromised, all user data is compromised.

Reply via email to