Block/disable NFS client

New Contributor

With the recent news of a Gatekeep bypass bug utilizing NFS to get a shell on a remote system, we are looking to block all client NFS communications on our systems till Apple patches the vulnerability.

We been looking all day for a way to block the NFS client but so far come up with nothing.

Anyone else have any ideas on this?


Esteemed Contributor II

@r.stiffler If you look at Filippo Cavallarin's post on the subject at he suggests editing /etc/auto_master to disable this behavior for now. Let's hope Apple fixes it soon as that file is covered by SIP under Catalina.