Raffaele Sandrini <rasa@gmx.ch> [2002-09-13 18:35:09 +0200]: > On Friday 13 September 2002 18:23, Miquel van Smoorenburg wrote: > > So basically there is no NFS security system .. > > Hmm i assumed that... but thats very bad... I mean, that makes NFS > unusable in a LAN wich needs to be protected also against its own > users. Yes. Now you have the concept. Which is why *nobody* likes the NFS (no)security model. It is only okay on a local lan where you trust everybody. And or everyone on the local lan alreayd has root access and so it just does not matter. > Every user can just connect his Laptop to the network and > "surf" as root in the NFS shares... so you need the squash root > everywhere and that makes it unusuable for system things like > nfsroot :-(( Actually you should not be worried about root so much. The root-squash will keep any root owned file safe. Which is why all system files on a unix machine are owned by root such as / and /bin, etc. In the old, old days those were owned by 'bin' instead of 'root' but that had to change once NFS appeared on the scene. Today root is the only safe user because of the root-squash. What you should be worried about is a user becoming 'you' and accessing your files or becoming 'named' and taking over your DNS server or becoming 'postdrop' and rewriting mail in the mail queues. All kinds of NFS attacks are available against any file on an NFS server which are not owned by root. Therefore any server that needs any type of security should not run the NFS server. One model of operation is that NFS servers are never the same machines as NFS clients and that works as well as can be expected. (Unfortunately, even though I believe that strongly I still can't make that happen on all of the machines I attend to.) BTW there is really no such thing as "NFS shares". Shares are a windows thing. NFS uses exported filesystems. (I am sorry. That "NFS shares" thing just grates on my nerves.) > Is there another common way for shring files on Linux? A system wich > respects the UNIX user system? Please don't say SAMBA cause it does > not do that... Almost certainly everyone will point you to [1] AFS or the more recent CODA. AFS uses kerberos to authenticate users. It uses ACLs (Access Control Lists) which seem more normal to non-computer users but old timer unix users tend to be confused by them. AFS is an industrial grade solution but can be very heavy. So in a nutshell if you have to ask then it is probably too heavy for you. [1] http://www.openafs.org/ Bob
Attachment:
pgpGI49MZBHf1.pgp
Description: PGP signature