xetdata / nfsserve

A Rust NFS Server implementation

Handle auth

liranco opened this issue · comments

Hi :)

From what I see, the auth that's defined in RPCContext is parsed but not checked, meaning that any user on a client machine has full access to the data, which might be a security issue.

Is it possible to add that functionality?

Alternatively, exposing the auth (or the context) to the different methods in the NFSFileSystem so that implementers can be responsible for the checks is also a possibility.

Thanks,
Liran

Since this is meant entirely for localhost operation, acting like a FUSE mount, I didn't see significant needs for auth. Perhaps if it's a mount running on a multi-user environment? It is possible to implement, but there is a decent amount of work in other parts as well as handling the auth correctly, I think.

Can I know more about your needs here and what you need auth for?

I'm working on a central server that will host the NFS service. The data is stored on a custom storage backend, so this project suits the needs pretty well.
Clients connect to it when they need to access the files.
The clients may have other services running, so limiting access can be nice, although not a deal breaker.

I made a few changes to see if I can expose the context to the NFSFileSystem implementation (using tokio::task::LocalKey) so auth may be handled by it. As a proof of concept it works.

Got it. Happy to accept any improvements!
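
An added sketch, not nfsserve's code and not written by anyone in this thread, of what checking the parsed credential could involve, assuming it is the AUTH_SYS (AUTH_UNIX) flavor from RFC 5531: decode the credential body, then apply a POSIX mode-bit check. All type and function names are hypothetical and the credential bytes are constructed. AUTH_SYS uid and gid values are asserted by the client, so a check like this separates users on a trusted client machine rather than authenticating the client itself.

```rust
// Added example; every name here is hypothetical, not nfsserve's API.
#[derive(Debug)]
pub struct AuthSys { pub machine: String, pub uid: u32, pub gid: u32, pub gids: Vec<u32> }

// Read one big-endian XDR unsigned int and advance the slice.
fn take_u32(buf: &mut &[u8]) -> Option<u32> {
    if buf.len() < 4 { return None; }
    let (head, rest) = buf.split_at(4);
    *buf = rest;
    Some(u32::from_be_bytes([head[0], head[1], head[2], head[3]]))
}

pub fn parse_auth_sys(mut body: &[u8]) -> Option<AuthSys> {
    let _stamp = take_u32(&mut body)?;
    let name_len = take_u32(&mut body)? as usize;
    if name_len > 255 { return None; } // machinename is string<255>
    let padded = (name_len + 3) & !3; // XDR pads opaque data to 4 bytes
    if body.len() < padded { return None; }
    let machine = String::from_utf8_lossy(&body[..name_len]).into_owned();
    body = &body[padded..];
    let uid = take_u32(&mut body)?;
    let gid = take_u32(&mut body)?;
    let n = take_u32(&mut body)? as usize;
    if n > 16 { return None; } // RFC 5531 allows at most 16 supplementary gids
    let mut gids = Vec::with_capacity(n);
    for _ in 0..n { gids.push(take_u32(&mut body)?); }
    if !body.is_empty() { return None; } // reject trailing bytes
    Some(AuthSys { machine, uid, gid, gids })
}

// `want` is a mask of 4 (read), 2 (write), 1 (execute). No uid 0 special case.
pub fn may_access(cred: &AuthSys, owner: u32, group: u32, mode: u32, want: u32) -> bool {
    let bits = if cred.uid == owner { mode >> 6 }
        else if cred.gid == group || cred.gids.contains(&group) { mode >> 3 }
        else { mode };
    (bits & 7 & want) == want
}

// Constructed sample credential from machine "host1".
pub fn sample_cred(uid: u32, gid: u32, gids: &[u32]) -> Vec<u8> {
    let mut v = vec![0, 0, 0, 0, 0, 0, 0, 5]; // stamp = 0, name length = 5
    v.extend_from_slice(b"host1\0\0\0");
    for x in [uid, gid, gids.len() as u32].iter().chain(gids) { v.extend_from_slice(&x.to_be_bytes()); }
    v
}

fn main() {
    let cred = parse_auth_sys(&sample_cred(1000, 1000, &[27])).expect("valid credential");
    println!("{:?} may write 0o640 file 0:27: {}", cred, may_access(&cred, 0, 27, 0o640, 2));
}
```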