Re: NFS and security
hi ya raffaele
On Fri, 28 Jun 2002, Raffaele Sandrini wrote:
> I recently set up a very little debian system wich i use fo maintaince and
> setup on my clients. Its loaded via the NFSROOT feature of the 2.4 kernel. To
> do that i needed to set up a exports entry like:
>
> /path/to/system 10.1.1.0/24(rw,no_root_squash)
/etc 10.1.1.0/24(ro... )
/path/to/home 10.1.1.0/24(ro... )
#
# only "A" on the other end can write into /home/a
#
/path/to/home/a 10.1.1.a/32(rw... )
/path/to/home/b 10.1.1.c/32(rw... )
/path/to/home/c 10.1.1.c/32(rw... )
simple way to make it little stiffer... but not by much
and use automounters so "root" is not needed to manually mount stuff
and root probably should be squashed..
- i'd like a better way to do stuff too ...
c ya
alvin
secure fs...
http://www.Linux-Sec.net/FileSystem/ - at bottom
> As you can see this is _very_ insecure cause everyone can conntect and alter
> it who is in my network and has a machine on wich his root.
> Ok to make it secure i could only let the machines access on wich would like
> to start the system at the moment but its annoying to alter the exports file
> everytime...
> Is there a way to make that secure by still using NFS? (not initrd or similar
> things)
>
--
To UNSUBSCRIBE, email to debian-user-request@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
Reply to: