RFS is by far better that NFS!

[Steve Dyer]

Yes, it's true.  An amazingly big security hole once you
start thinking about it.  I thought that Sun had some
"secure RPC" feature in recent releases which suffices
to limit its impact, but I don't know the details.
At Project Athena, we added a small amount of code to our
NFS servers such that every uid (not just root) is mapped
to "nobody" unless that uid/IP address pair has a "uid
mapping structure", a new data structure residing in the
NFS server kernel.  UID mapping structures are securely
installed on the server using a new rpc.mountd RPC call
which uses the Kerberos authentication system.  We have
an application which runs on the client called "attach"
which integrates name service, authentication and the mount
protocol.

-- 
Steve Dyer
dyer at ursa-major.spdcc.com aka {ima,harvard,rayssd,linus,m2c}!spdcc!dyer
dyer at arktouros.mit.edu, dyer at hstbme.mit.edu