Re: Limiting admin privileges

To: <debian-user@lists.debian.org>
Subject: Re: Limiting admin privileges
From: Jeremy Gaddis <jlgaddis@blueriver.net>
Date: Mon, 17 Dec 2001 20:28:29 -0500 (EST)
Message-id: <[🔎] Pine.LNX.4.31L2.0112172025500.578-100000@earthquake.home.lan>
In-reply-to: <[🔎] 200112172336.PAA28261@kona.cup.hp.com>

On Mon, 17 Dec 2001, allen wayne best just ramblin in his amx wrote:

> robert:
>
> for what it is worth, the drives that i have mounted on my machine via nfs
> cannot be changed via root. root is an unpriviledged user so far as the nfs
> mounted files are concerned. my normal user can only change files which the
> user has access to. same for root. these files are exported from an hp-ux
> machine. in order for root to have priviledged access on my machine, the
> exporting machine has to explicitly set the privileges.
>
> for more information on this refer to man exports under "User ID Mapping"

If the user has physical access to the Linux machines,
however, root access is trivial.  If you have root access
and mount drives using NFS, access to other user's files
is also trivial.  On an NFS volume, root cannot (assuming
"root_squash") write to files.  root can, however, su to
any user s/he chooses and then gains write access to all
of that user's files.

j.

--
Jeremy L. Gaddis     <jlgaddis@blueriver.net>

Reply to:

References:
- Re: Limiting admin privileges
  - From: "allen wayne best just ramblin in his amx" <kde@rl76065.cup.hp.com>

Prev by Date: Re: Mouse trouble in X using a KVM switch
Next by Date: Re: URGENT - Bind broken by potato-> woody
Previous by thread: Re: Limiting admin privileges
Next by thread: Re:Limiting admin privileges
Index(es):
- Date
- Thread