Re: [LUG] NFS not secure.

To: list@xxxxxxxxxxxx
Subject: Re: [LUG] NFS not secure.
From: Andrew Rogers <andrew@xxxxxxxxxxxxxxxx>
Date: Mon, 15 Mar 2004 12:26:30 +0000
Reply-to: list@xxxxxxxxxxxx

Kai Hendry wrote:

On Sun, Mar 14, 2004 at 07:58:03PM +0000, Andrew Rogers wrote:

I need to export user directories over a local network but NFS isn't secure. Anyone can access the user filesystem provided the UID matches.

UID should not match unless users have root. Don't break the model.

The problem is that a client machine could be swapped for a machine with matching UIDs. Just unplug a client from the network at put it its place a laptop which the perpetrator would have root access to. Or even more simple, reboot a client with a Live distro CD (assuming the clients have a CDROM drive).

Andrew


--
The Mailing List for the Devon & Cornwall LUG
Mail majordomo@xxxxxxxxxxxx with "unsubscribe list" in the
message body to unsubscribe.

Re: [LUG] NFS not secure.
- From: Kai Hendry

References:
- [LUG] NFS not secure.
  - From: Andrew Rogers
- Re: [LUG] NFS not secure.
  - From: Kai Hendry

Prev by Date: Re: [LUG] NFS not secure.
Next by Date: Re: [LUG] NFS not secure.
Previous by thread: Re: [LUG] NFS not secure.
Next by thread: Re: [LUG] NFS not secure.
Index(es):
- Date
- Thread

Lynx friendly