Re: Security issues for nfs mount

To: gk205@cus.cam.ac.uk (G. Kapetanios)
Cc: debian-user@lists.debian.org
Subject: Re: Security issues for nfs mount
From: joost@rulcmc.leidenuniv.nl (joost witteveen)
Date: Thu, 11 Sep 1997 19:21:21 +0200 (CEST)
Message-id: <[🔎] m0x9Cvh-000CLIC@rulcmc.leidenuniv.nl>
In-reply-to: <[🔎] Pine.SOL.3.96.970911172548.5740B-100000@taurus.cus.cam.ac.uk> from "G. Kapetanios" at "Sep 11, 97 05:28:15 pm"

> 
> Hi,
> 
> I was wondering whether there is anything to worry about if I let 
> another machine nfs mount, read only, root-squash, one directory on my
> machine. Any help will be greatly appreciated.

The only problem I can think of is that root-squash may not be enough
(an attacker may still read files owned by "shadow", etc). So

/tmp    hostname(ro,squash_uids=0-100,squash_gids=0-80)

may be slightly more safe. But after that, I don't anticipate any
problems. 

If anyone still knows problems with that, I'd be interested to hear!


-- 
joost witteveen, joostje@debian.org
#!/usr/bin/perl -sp0777i<X+d*lMLa^*lN%0]dsXx++lMlN/dsM0<j]dsj
$/=unpack('H*',$_);$_=`echo 16dio\U$k"SK$/SM$n\EsN0p[lN*1
lK[d2%Sa2/d0$^Ixp"|dc`;s/\W//g;$_=pack('H*',/((..)*)$/)
#what's this? see http://www.dcs.ex.ac.uk/~aba/rsa/


--
TO UNSUBSCRIBE FROM THIS MAILING LIST: e-mail the word "unsubscribe" to
debian-user-request@lists.debian.org . 
Trouble?  e-mail to templin@bucknell.edu .

Reply to:

References:
- Security issues for nfs mount
  - From: "G. Kapetanios" <gk205@cus.cam.ac.uk>

Prev by Date: Re: remove
Next by Date: Re: Security issues for nfs mount
Previous by thread: Security issues for nfs mount
Next by thread: Re: Security issues for nfs mount
Index(es):
- Date
- Thread