Re: NFS Security Question

From: Hal Flynn (flynn@securityfocus.com)
Date: 08/13/01


Date: Mon, 13 Aug 2001 14:59:01 -0600 (MDT)
From: Hal Flynn <flynn@securityfocus.com>
To: <focus-sun@securityfocus.com>
Subject: Re: NFS Security Question
Message-ID: <Pine.GSO.4.30.0108131457200.2025-100000@mail>


> Can't do that the way you explained. You might want to try giving sudo
> access and restrict permissions from there. No matter how you slice it,
> root is root and root can do anything.

Which brings up a good point. Using something such as RBAC could change
the ability of this user, as well as root, to su to another user, and even
mount files via NFS. Definately worth looking into, IMO.

Hal Flynn
Sun/Linux Focus Area Manager
Securityfocus

"Arbeit macht das Leben süss."



Relevant Pages

  • Re: NFS Security Question
    ... Subject: NFS Security Question ... All I have to do is invite Bob to log into my box, ... help if you are root (in the traditional maning of having full-control ... restricted root accss (say, shared compute servers that access an NFS ...
    (Focus-SUN)
  • Re: NFS Security Question
    ... Subject: NFS Security Question ... On Tue, 14 Aug 2001, Darren Moffat wrote: ... > The only solution in this case is to use NFS with RPC security stronger ... If I'm sitting in front of my desktop Sparc, I can always get root. ...
    (Focus-SUN)
  • Re: NFS Security Question
    ... Subject: NFS Security Question ... On Tue, 14 Aug 2001, Ryan Russell wrote: ... All I have to do is invite Bob to log into my box, ... even though you're root. ...
    (Focus-SUN)