When trying to mount a NFS share that is exported by a Linux NFS server (the kernel implementation), I got a „Permission denied“ error. There are lots of explanations around in the internet that recommend to use the
resvport mount option like
$ sudo mount -t nfs -o resvport,rw kepler:/home/bwalle /Volumes/kepler
However, I didn’t want to change the settings on the client but on the server. This has the advantage that I can still use Finder to mount NFS which isn’t able to provide special mount options.
The solution was to use
What is insecure about that option? Well, the check comes from the early days of Unix where only the system administrator had the root password. So only applications running as root can open TCP connections with privileged source ports (below 1024). However, nowadays everybody knows that NFS in its versions 2 and 3 are insecure by design and removing the check for the source port doesn’t make it more insecure.