[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Question on the safety sharing NFS with untrusted machines.

On Thursday, 2002-07-25 at 14:51:09 -0500, Dast wrote:
> Mike Renfro <renfro@tntech.edu> writes:

> > On Thu, Jul 25, 2002 at 01:07:19PM -0500, Dast wrote:

> > > So my question is, is it safer to host the NFS from the DMZ and
> > > mount remotely on machines in the internal network, or host the NFS
> > > from a machine on the internal network and remotely mount in the
> > > DMZ?  Or does it matter?

> > I suppose it depends on what sort of activity you need to do over the
> > NFS mount.

> Thanks for the feedback.  That certainly gives me something to chew
> on. 

> The mount will be just bulk file storage.  I haven't decided if the
> machine in the DMZ needs read/write or just read access, however.
> Everything on that mount should be publicly accessible to all users,
> so in terms of one user getting another's files, that isn't an issue.

If you don't have realtime requirements, you could rsync between
the two machines.

Lupe CHristoph
| lupe@lupe-christoph.de       |           http://www.lupe-christoph.de/ |
| I have challenged the entire ISO-9000 quality assurance team to a      |
| Bat-Leth contest on the holodeck. They will not concern us again.      |
| http://public.logica.com/~stepneys/joke/klingon.htm                    |

To UNSUBSCRIBE, email to debian-security-request@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org

Reply to: