This is a semi-related question. My understanding is that now rpc2 has the AES-bsed crypto, but still has the xor code. I'd hope it defaults to aes, but presumably this is subject to a MITM degrading back to xor. Is there an easy way to compile the server and remove the xor code so one can have confidence that only AES is accepted? I realize this will break xor-only clients, but that's a feature.
I'd also like to disable all non-authenticated filesystem operations.
