[ Date Index ][
Thread Index ]
[ <= Previous by date /
thread ]
[ Next by date /
thread => ]
On Sun, Mar 14, 2004 at 07:58:03PM +0000, Andrew Rogers wrote:The problem is that a client machine could be swapped for a machine with matching UIDs. Just unplug a client from the network at put it its place a laptop which the perpetrator would have root access to. Or even more simple, reboot a client with a Live distro CD (assuming the clients have a CDROM drive).
I need to export user directories over a local network but NFS isn't secure. Anyone can access the user filesystem provided the UID matches.
UID should not match unless users have root. Don't break the model.
-- The Mailing List for the Devon & Cornwall LUG Mail majordomo@xxxxxxxxxxxx with "unsubscribe list" in the message body to unsubscribe.