Re: NFS and security
<quote who="Raffaele Sandrini">
> Hi
>
> I recently set up a very little debian system wich i use fo maintaince
> and setup on my clients. Its loaded via the NFSROOT feature of the 2.4
> kernel. To do that i needed to set up a exports entry like:
>
> /path/to/system 10.1.1.0/24(rw,no_root_squash)
while I have not played with NFSROOT yet.. If you want real
security I would look into how the BBLCD is setup. it is a
CD-based distribution. i mention it because it does a lot
of work in making the system available off a read only media.
it would take some work to adapt this system to NFS but i
believe it could work.
the url is here:
http://www.bablokb.de/bblcd/
with some effort I have made a CD that has:
SSH server
NFS server
NFS Client
BIND Name server
PCMCIA support
Firewalling/NAT support
it works by creating a .tar.gz file which extracts to the
/var filesystem which is on a RAMDISK. the rest is read-only.
really nifty. /etc is read only, / is read only ..
with this setup you could get by with almost everything
read only except home directories.
nate
--
To UNSUBSCRIBE, email to debian-user-request@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
Reply to: