[ Date Index ][
Thread Index ]
[ <= Previous by date /
thread ]
[ Next by date /
thread => ]
Kai Hendry wrote:
On Mon, Mar 15, 2004 at 12:26:30PM +0000, Andrew Rogers wrote:The problem is that a client machine could be swapped for a machine with matching UIDs. Just unplug a client from the network at put it its place a laptop which the perpetrator would have root access to. Or even more simple, reboot a client with a Live distro CD (assuming the clients have a CDROM drive).The way it works at school is that machines like personal laptops do not have access to fs via NFS. Trusted machines which have their BIOS protected etc. do have access to NFS.
You can't retrofit security like this - it assumes that the entire network is both physically and logically secure. Might be okay for my wireless network at home, or a University lab, but you wouldn't want to trust your credit card number to it if it spans anywhere outside your immediate vicinity. NFS fails because there is no meaningful credentials presented for each request - but this is an implementation issue - since the protocol allows for such credentials (that's how SUN deployed it with Kerberos I believe). As far as I am aware such credentials don't allow the data to be encrypted in transit, it just authenticates and authorizes the file system action (i.e. data can still be sniffed), but no doubt SUN have a solution for that as well. Google around, there is a very good paper explaining this by the guy who did the patches for Linux NFS to allow some sort of certificate based authentication.
Attachment:
signature.asc
Description: OpenPGP digital signature