UID and GID are compared to the UID and GID on the server to validate their authenticity. These IDs can be shared across unix systems using NIS or some other facility. Anything subsequently executed on the remote system is run under that effective UID and GID.

The application behind the server may implement further authentication, but note that AUTH_UNIX does not authenticate the user in itself; it trusts the UID and GID supplied.

From Section 9.3:

9.3 DES Authentication

   UNIX authentication suffers from two major problems:

         (1) The naming is too UNIX oriented.
         (2) There is no verifier, so credentials can easily be faked.

   DES authentication attempts to fix these two problems.

If you use Unix authentication you can only assume that the message originates from a trusted host and some mechanism was in place to authenticate the user before they got the chance to do something that originated the call.

In this case it would be up to the application to verify user credentials. The originating machine name is also supplied so you could make sure that the originating IP address matches it and only reply to that address – this has obvious vulnerabilities to DNS cache poisoning attacks. Also, making this play nicely with DHCP or NAT is left as an exercise to the reader ;-}

Which means you have little choice but to trust the UID and GID or do additional verification within the application sitting on top of your RPC library. The RFC discusses more secure authentication mechanisms. However, Sun RPC is not the most secure of protocols and is generally not recommended for services provided to untrusted clients.