Re: How to synchronise NFS uid
Use pam-ldap, nss-ldap to centralize uid/gids.
Roberto C. Sanchez писал(а):
> On Fri, Oct 13, 2006 at 10:11:47AM +0200, Matus UHLAR - fantomas wrote:
> > > On Fri, Oct 13, 2006 at 09:23:47AM +0200, Matus UHLAR - fantomas wrote:
> > > > Note that NFS was created (by SUN microsystems) for homogenous networks
> > > > where all people/computers used same shared password databases (e.g. NIS,
> > > > formerly known as YP).
> > > >
> > > > For this reason is it (was) not safe for environments where anyone (read:
> > > > admin of each system) can set up any access rights (s)he wants.
> >
> >
> > On 13.10.06 03:55, Roberto C. Sanchez wrote:
> > > Read: if anyone but you has root OR unmonitored physical access to
> > > his/her machine, then you lose.
> >
> > unless you will never execute any program/script on the NFS filesystem
> > (shared or mounted) and put only shareable files there...
>
> Except that even without considering executable binaries and scripts,
> you still have the possibility that someone can read/write to files
> which they otherwsie would not permission to.
>
> Regarsd,
>
> -Roberto
> --
> Roberto C. Sanchez
> http://people.connexer.com/~roberto
> http://www.connexer.com
>
> --RhUH2Ysw6aD5utA4
> Content-Type: application/pgp-signature
> Content-Disposition: inline;
> filename="signature.asc"
> Content-Description: Digital signature
> X-Google-AttachSize: 190
Reply to: