--- a/usr/src/uts/common/fs/nfs/nfs_server.c Wed Dec 17 10:52:43 2008 -0700
+++ b/usr/src/uts/common/fs/nfs/nfs_server.c Wed Dec 17 12:18:33 2008 -0600
@@ -2049,15 +2049,11 @@
} else if (access & NFSAUTH_WRONGSEC) {
/*
- * NFSAUTH_WRONGSEC is used for NFSv4. Since V2/V3 already
- * negotiates the security flavor thru MOUNT protocol, the
- * only way it can get NFSAUTH_WRONGSEC here is from
- * NFS_ACL for V4. This could be for a limited view, so
- * map it to RO access. V4 lookup/readdir will take care
- * of the limited view portion.
+ * NFSAUTH_WRONGSEC is used for NFSv4. If we get here,
+ * it means a client ignored the list of allowed flavors
+ * returned via the MOUNT protocol. So we just disallow it!
*/
- access |= NFSAUTH_RO;
- access &= ~NFSAUTH_WRONGSEC;
+ return (0);
}
switch (rpcflavor) {