[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Question on the safety sharing NFS with untrusted machines.

Mike Renfro <renfro@tntech.edu> writes:

> On Thu, Jul 25, 2002 at 01:07:19PM -0500, Dast wrote:
> 
> > So my question is, is it safer to host the NFS from the DMZ and
> > mount remotely on machines in the internal network, or host the NFS
> > from a machine on the internal network and remotely mount in the
> > DMZ?  Or does it matter?
> 
> I suppose it depends on what sort of activity you need to do over the
> NFS mount.

Thanks for the feedback.  That certainly gives me something to chew
on. 

The mount will be just bulk file storage.  I haven't decided if the
machine in the DMZ needs read/write or just read access, however.
Everything on that mount should be publicly accessible to all users,
so in terms of one user getting another's files, that isn't an issue.

-- 
--Dast

 "Practice allows me to receive information like faxes."
  Pharoahe Monch


-- 
To UNSUBSCRIBE, email to debian-security-request@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
Reply to: