[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: About how to protect network resources in LDAP environment?



On Fri, Aug 27, 2010 at 7:06 PM, Min Wang <ser.basis@gmail.com> wrote:
>
> user1 can log in as local root on Linux PC1,
> Even though as root, user1 can not rm /home/user2,
> but he can su - user2 on Linux PC1 then rm something.
You need NFS4 with gssapi. This way to access someone's file you need
an appropriate (his) credentials from KDC (which will be hosted near
by your LDAP server).

-- 
Zaar


Reply to: