This is a semi-related question.

My understanding is that now rpc2 has the AES-bsed crypto, but still
has the xor code.  I'd hope it defaults to aes, but presumably this is
subject to a MITM degrading back to xor.  Is there an easy way to
compile the server and remove the xor code so one can have confidence
that only AES is accepted?  I realize this will break xor-only
clients, but that's a feature.

I'd also like to disable all non-authenticated filesystem operations.