RE: nis : how to avoid user1 becoming user2 using local root ?
From: Toni Heinonen (Toni.Heinonen_at_teleware.fi)
Date: 04/02/04
- Previous message: Gord Philpott: "Re: iptables firewall script for debian-woody, 2.4.24"
- Next in thread: Frank Burkhardt: "Re: nis : how to avoid user1 becoming user2 using local root ?"
- Reply: Frank Burkhardt: "Re: nis : how to avoid user1 becoming user2 using local root ?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Fri, 2 Apr 2004 11:34:27 +0300 To: "Frank Burkhardt" <fbo2@gmx.net>, <focus-linux@securityfocus.com>
> to everyone. The problem is the NFS-server trusting UIDs on remote
> computers.
Yes, but by using LDAP you get a consistend UID space all over your network, and user1 (1001) and user2 (1002) are the same users on each machine. Yes, this is the solution to the NFS-server trusting UIDs, but it also means you have to trust each computer.
Or you might as well use winbind instead of LDAP and get the user information from a domain.
- Previous message: Gord Philpott: "Re: iptables firewall script for debian-woody, 2.4.24"
- Next in thread: Frank Burkhardt: "Re: nis : how to avoid user1 becoming user2 using local root ?"
- Reply: Frank Burkhardt: "Re: nis : how to avoid user1 becoming user2 using local root ?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
