[K12OSN] teaching kids sys admin with VM's
robark at gmail.com
Thu Jan 17 19:25:13 UTC 2008
On 1/17/08, Les Mikesell <les at futuresource.com> wrote:
> Network wise, vmware can look like a separate box bridged to the NIC(s)
> on the host (separate IP's on the same subnet) or the host can NAT so it
> only uses the host IP externally.
So I would prefer NAT to eth1 or bridged to eth0. So no service runs
on outside network. Can I as root restrict this choice? Or can they
choose since they are the owner of the VM.
One thing to watch security-wise is
> that if you have NFS-exported home directories, anyone who can become
> root on a client machine can impersonate anyone else and access their
> files over NFS.
Rats! Forgot about that. It's okay with my current setup since I
don't run a separate nfs server. But instead of running everything on
the server I was thinking about switching from ltsp to a diskless
client setup (100% local apps)
Since ddr2 ram is so cheap now and a c2d celeron e1200 is $55, one can
buy a nice cheap diskless client today. Problem is a diskless client
would need to mount home over nfs. Which rules out having a VM since
kids could change their uid in the VM.
Thanks for the reminder Les.
Eric Hamber Secondary, Vancouver, Canada
C++ GUI tutorial http://www3.telus.net/public/robark/
More information about the K12OSN