Re: (OT) The NFS security system

[Andrew Perrin <clists@perrin.socsci.unc.edu>]

On Fri, 13 Sep 2002, Raffaele Sandrini wrote:

> I have to say something to that NFS thing... I mean NFS does then not respect 
> the very basics of file sharing. Even M$ does better. There u have everytime 
> the server or a PDC wich checks the rights but N E V E R the client. I mean, 
> how could the initial devloppers of NFS don't think about that? Trusting the 
> client is a ridicolous thing... I can't imagine then a situation where NFS 
> can be a good solution because for anonymous file services i can use FTP.
> 
> cheers,
> Raffaele


NFS was designed in a very different context from the one in which we now
operate. A few computers sat on a closed network, generally all
administered by one or a few people, and were accessed via terminals or
via very expensive workstations connected via an ethernet. The idea of
carrying a laptop in, plugging it into the network, and "becoming" a
trusted workstation was all but unimaginable.  As such, NFS is a way of
sharing filesystems among hosts, not files among users.  To say "M$ does
better" is to fail to grasp a large variety of realities about the
differences in design, history, implementation, stability, and purpose of
the two systems.

----------------------------------------------------------------------
Andrew J Perrin - http://www.unc.edu/~aperrin
Assistant Professor of Sociology, U of North Carolina, Chapel Hill
clists@perrin.socsci.unc.edu * andrew_perrin (at) unc.edu