But rsh,rcp,rlogin are setuid, who owns an NFS request, and how do you
decide who to charge for an ack frame. A seperate list might cope
with this, but then how do you maintain it.
> also knows the destination address and port. It is rather simple to
> insert code which matches the address and port against a set of ACLs,
> and then looks for the user in the ACL if it finds one.
We don't have time to scan a list for each packet easily. Not unless you
say "ok low speed only"