[K12OSN] Linux client file shareing protocols
Jeff Kinz
jkinz at kinz.org
Wed Aug 11 22:24:50 UTC 2004
On Wed, Aug 11, 2004 at 02:52:42PM -0700, Jamie wrote:
> We're setting up some Fedora core 2 stand alone clients for teachers to
> use on their desktops. They all have home directories on one of our
> file servers. I really hate to share these via NFS with the security
> concerns of NFS (exporting the /data/staff/ directory to our entire
> subnet where we could get a malicious user switching UIDs to delete
> other peoples files etc).
I'm not sure I get the problem.
The teachers directories should be mounted only to the machines they
login on, no matter what/where it is.
If your accounts are properly secured, no one should be switching user
IDs at anytime except root. In a networked environment you should make
sure the "Stand-alone clients" ? (These have hard drives ? ) are
administred via NIS.
Using NIS/YP and NFS you shouldn't have any problems of the nature you
describe. Securely NFS auto-mounting a directory full of home directories
has been done at least since the late 80's.
>
> So i am wondering how you guys do it? Is this a legitimate security
> concern? Could i somehow auto-mount the users volumes via smb? I would
> like to not have the users home folder local, but rather located on the
> server.
>
--
Linux/Open Source. Now all your base belongs to you, for free.
============================================================
Idealism: "Realism applied over a longer time period"
Jeff Kinz, Emergent Research, Hudson, MA.
More information about the K12OSN
mailing list