Re: NFS replacements for Linux

From: Rohit (exploits_at_engr.uconn.edu)
Date: 10/24/03

  • Next message: Brian Whitehead: "Re: AntiVirus for Red Hat 9?"
    Date: Fri, 24 Oct 2003 12:51:40 -0400
    To: Patrick Morris <pmorris@wilshire.com>
    
    

    Well NFSv3 gives IP based security. It depends upon the client to
    authenticate users. If user A should get root access on a system
    (IP) which can access NFS mountable home directories, he can very easily
    access user B's private information without knowing user B's password.

    NFSv4 can use kerberize authorization for file access, but from what I've
    gathered reading the NFSv4 mailing lists, is that it will be a long time
    until it is production-worthy.

    Rohit

    On Fri, Oct 24, 2003 at 09:03:59AM -0700, Patrick Morris wrote:
    > >
    > What security features do you need that NFS doesn't provide? That'd
    > help narrow things down a bit.


  • Next message: Brian Whitehead: "Re: AntiVirus for Red Hat 9?"

    Relevant Pages

    • Re: Masking/Hiding a password in Perl Source
      ... In the interest of security, I want to find a way to mask this. ... This is actually a hard problem to solve in the general sense. ... so this will simply delay but not impede the attacker who has ... obtained root access. ...
      (comp.lang.perl.misc)
    • Re: Masking/Hiding a password in Perl Source
      ... Chris G. wrote: ... In the interest of security, I want to find a way to mask this. ... obtained root access. ... The purpose was to make it so the password was not readable in the compiled programs. ...
      (comp.lang.perl.misc)
    • Re: (newbie) Question about core linux security
      ... > because the owner has failed to apply the security tools properly. ... A password-protected BIOS that refuses to boot from external media is ... >> root access. ... quit When the quit statement is read, ...
      (comp.os.linux.security)
    • Re: Enabling telnet, ftp, pop3 for root...
      ... then opens the shell and turns back on ... run ALL the commands they want from the script, ... Since nobody had root access to the machine that held the logs, there wasn't a way that somebody could abuse privilege by hiding what they were doing, without making it quite apparent that they were trying to hide their actions. ... Those are all hurdles that are unnecessary when implementing security. ...
      (alt.os.linux)
    • Statement on "Re: New Binary Bruteforcing Method Discovered"
      ... a more technical comment related to security: ... code and / or fake information to mailing lists ... of private proprietary code I won't release any details here. ... notify a certain group and give them root access to machines ...
      (Vuln-Dev)