[K12OSN] nfs-mounted home -- security?
Jim Kronebusch
jim at winonacotter.org
Thu Jun 8 20:53:19 UTC 2006
On Thu, 08 Jun 2006 08:20:19 -0700, Dan Young wrote
> Rob Owens wrote:
> > If /home is nfs-mounted, what's to stop somebody with
> > a linux laptop from hooking up to the network,
> > creating a local user with a UID of say, 510, and then
> > accessing the /home files of whoever normally is
> > assigned UID 510?
>
> They don't call it "No F-ing Security" for nothing! ;-)
>
> At least you could restrict the exported mount to the network or
> hosts you control with something like: /home
> 192.168.0.0/255.255.0.0(rw,async)
I am sure that in order to use UID 510 and gain access to the users NFS mount
one would also have to know the password, and in that case, no protocol is
secure. I don't think you can just say I'm user 510 and gain access to any
system without matching the password.
--
This message has been scanned for viruses and
dangerous content by the Cotter Technology
Department, and is believed to be clean.
More information about the K12OSN
mailing list