Re: Samba vs NFS

• Previous message: alux: "Re: Samba vs NFS"
• In reply to: Jennifer Fountain: "Samba vs NFS"
• Next in thread: Steve Barnet: "Re: Samba vs NFS"
• Reply: Steve Barnet: "Re: Samba vs NFS"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Date: Mon, 21 Feb 2005 23:16:16 -0500
To: focus-linux@securityfocus.com

On Thursday, February 17 at 05:42 PM, quoth Jennifer Fountain:
> Hi all:
> My company is looking at samba or NFS to allow our clients to access
> shares from their Windows workstations and their linux ssh sessions.
> From a security standpoint, which option is "more" secure? Which option
> is more vulnerable than the other? Etc, etc ,etc. I appeciate any
> security information about NFS or samba that you may have.

Something you should know... NFS doesn't use passwords. NFS decided to
skip the whole security thing. The way it works is that in the NFS
server you specify what computers are allowed to use the server, and
those servers have full access. Whoever the clients say they are, the
server will trust them, including root. The idea is that it is the
client operating system's responsibility to make sure that people are
who they say they are. NFS trusts clients completely. Typical NFS
installations have either very few clients, or the clients are all
closely controlled by the administrator.

If you're going to be allowing, say, Windows machines to access your
file server, I STRONGLY suggest using a file sharing protocol that does
NOT trust the clients. If Samba is your only alternative, go for Samba.
There's also stuff like OpenAFS that you can consider.

~Kyle

-- 
Moral indignation is jealousy with a halo.
-- H. G. Wells

• application/pgp-signature attachment: Digital signature

• Previous message: alux: "Re: Samba vs NFS"
• In reply to: Jennifer Fountain: "Samba vs NFS"
• Next in thread: Steve Barnet: "Re: Samba vs NFS"
• Reply: Steve Barnet: "Re: Samba vs NFS"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]