Re: NFS Security Question
From: Armin Safarians (armin.safarians@safeway.com)Date: 08/15/01
- Previous message: Leckemby Jeffrey M Contr ACC/INSC (SPECTRUM): "RE: Audit Explanations"
- In reply to: Rich Teer: "Re: NFS Security Question"
- Next in thread: Matthew Collins: "Re: NFS Security Question"
- Next in thread: Casper Dik: "Re: NFS Security Question"
- Next in thread: Darren Moffat: "Re: NFS Security Question"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Message-ID: <3B7A83D8.5B3DA620@safeway.com> Date: Wed, 15 Aug 2001 07:14:49 -0700 From: "Armin Safarians" <armin.safarians@safeway.com> To: "Rich Teer" <richard.teer@rite-group.com> Subject: Re: NFS Security Question
Of course, however you can always su to bob and get permission to his sensitive
data. There is no need to have root on the mount in this case to accomplish the
bad dead. As mentioned in a few threads back, the only was that is reasonable to
implement is to use secure NFS. Some thing more that the standard unix
authentication.
AMS :-)
Rich Teer wrote:
> On Tue, 14 Aug 2001, Ryan Russell wrote:
>
> > Anyway... All I have to do is invite Bob to log into my box, and his drive
> > mounts automatically, and I CD to it, because I'm root, yes?
>
> By default, root's UID gets mapped to nobody for NFS mounts, so if
> Bob's directory doesn't permit access to others, you still won't be
> allowed to cd to it, even though you're root.
>
> --
> Rich Teer
>
> President,
> Rite Online Inc.
>
> Voice: +1 (250) 979-1638
> URL: http://www.rite-online.net
-- ******* RISK In the pursuit of a dream, the best path will often span the deepest ravine *******"WorldSecure Server <safeway.com>" made the following annotations on 08/15/01 08:15:02 ------------------------------------------------------------------------------ Warning: All e-mail sent to this address will be received by the Safeway corporate e-mail system, and is subject to archival and review by someone other than the recipient. This e-mail may contain information proprietary to Safeway and is intended only for the use of the intended recipient(s). If the reader of this message is not the intended recipient(s), you are notified that you have received this message in error and that any review, dissemination, distribution or copying of this message is strictly prohibited. If you have received this message in error, please notify the sender immediately.
==============================================================================
- Previous message: Leckemby Jeffrey M Contr ACC/INSC (SPECTRUM): "RE: Audit Explanations"
- In reply to: Rich Teer: "Re: NFS Security Question"
- Next in thread: Matthew Collins: "Re: NFS Security Question"
- Next in thread: Casper Dik: "Re: NFS Security Question"
- Next in thread: Darren Moffat: "Re: NFS Security Question"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|