
Re: Is there any encrypted or secure NFS?



On Mon, 2004-01-05 at 23:30, Paul Smith wrote:
> %% Mark Roach <mrroach@okmaybe.com> writes:
> 
>   mr> Note: if you tell me that he is going to boot off a knoppix CD and
>   mr> crack root on the box to su to userB, you must give me at least
>   mr> one example of an alternative that is not susceptible to an attack
>   mr> by a malicious local root
> 
> Any method that forces the client to authenticate himself by more than
> simple UID.  It must be doable since Windows SMB does it: having
> Administrator privileges on your Windows box doesn't give you the
> ability to read anyone else's files on a remote SMB share.

Two words, keystroke logger. Or, have a telnetd program set to autostart
on that Windows box on logon, log in to the telnet session, instant
access.

> For example, there are versions of NFS that use Kerberos for
> authentication.  In this scenario simply being root (which given
> physical access to the box is obviously trivial) won't get you access to
> someone else's files.  I don't personally know of any site that uses
> this, but it's in the NFS standards.

> You may argue that if you have root access on your target's box you can
> snoop enough information to fake out Kerberos, and you're probably
> right.

Yup. Install a key-sniffer, wait for the victim to unwittingly type his
password.

>   You can install trojans, for starters.  But at least you have to
> have root access on _their_ box 

Incorrect, see above.

This is all a moot point though, the fact is that there is no way to
secure the data going in and out of a machine such that root can't ever
get at it. There are lots of attempts at making it difficult (it's
called DRM) but it is not something that is possible to completely
attain. The sensible person will use the tool that makes the job
difficult enough to dissuade the likely attackers based on the level of
risk involved (this is assuming that security/complexity are tradeoffs,
if there exists a more secure, less complex option, it's a no-brainer).

I am not saying that NFS is super-secure here, so I hope nobody gets me
wrong. (though I do think that in many cases it is "good enough") My
only point in all of this is that if you think other protocols have
magic, not-even-root-can-catch-me-now-bwahahaha voodoo, you are
mistaken.

-- 
Mark Roach


