> Well the firewall itself isn't in question, it's the fact that mountd is
> running between the machines that have users on them inside the firewall,
> is there any security problem with running mountd that can be locally
> exploited? If there is then i would just disable the daemon; not exporting
> anything nesc at this point. Limiting access would work too, but first
> I wanted to establish if much of a risk exists.
> As far as what's being exported goes, it's only (rw) filesystems to the
> machines inside the firewall.
Your inside users could take advantage of the mountd. Maybe they won't.
If you trust those users, then you don't need to worry about them. IP
addresses can be faked. Userids can be faked from machines where someone
has root access or physical machine access.
Security comes from a combination of trust and distrust that is correctly
attributed. If you know correctly who you can trust and who you cannot
trust, you will do the right thing, given the right information.
I have found a situation where I was exporting a filesystem ro to all hosts
and rw to two hosts. However, it turned out that all hosts had rw. I do
not know what was wrong, and because it wasn't anything important, I just
removed it all and never investigated.