[K12OSN] nfs-mounted home -- security?
Dan Young
dyoung at mesd.k12.or.us
Thu Jun 8 15:20:19 UTC 2006
Rob Owens wrote:
> If /home is nfs-mounted, what's to stop somebody with
> a linux laptop from hooking up to the network,
> creating a local user with a UID of say, 510, and then
> accessing the /home files of whoever normally is
> assigned UID 510?
They don't call it "No F-ing Security" for nothing! ;-)
At least you could restrict the exported mount to the network or hosts
you control with something like:
/home 192.168.0.0/255.255.0.0(rw,async)
NFSv4 was supposed to fix all that. Anybody do a non-trivial
implementation w/ it?
--
Dan Young <dyoung at mesd.k12.or.us>
Multnomah ESD - Technology Services
503-257-1562
More information about the K12OSN
mailing list