Re: NFS Security Question

From: Neil Dickey (neil@geol.niu.edu)
Date: 08/15/01


Message-Id: <200108151539.KAA03530@shiloh.geol.niu.edu>
Date: Wed, 15 Aug 2001 10:39:21 -0500 (CDT)
From: Neil Dickey <neil@geol.niu.edu>
Subject: Re: NFS Security Question
To: focus-sun@securityfocus.com


Rich Teer <richard.teer@rite-group.com> wrote in response to someone else:

>> Anyway... All I have to do is invite Bob to log into my box, and his drive
>> mounts automatically, and I CD to it, because I'm root, yes?
>
>By default, root's UID gets mapped to nobody for NFS mounts, so if
>Bob's directory doesn't permit access to others, you still won't be
>allowed to cd to it, even though you're root.

Just for the sake of completeness, it's possible to allow root on NFS
clients root access to mounted filesystems. It has to be specified in
the server's /etc/dfs/dfstab file as part of the option ( -o ) string,
but it can be done. If it has been done and no-one remembers it, then
remote root will have unlimited access.

The option string on the server will look like this:

  share -F nfs -o rw=foo:bar,root=foo:bar /stuff

Best regards,

Neil Dickey, Ph.D.
Research Associate/Sysop
Geology Department
Northern Illinois University
DeKalb, Illinois
60115
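
An added example, not part of the original message: a small audit function that reads Solaris dfstab text and lists every share whose option string gives a client's root user root access, for finding the forgotten root= entries the message warns about. It assumes the share line layout shown above with the pathname as the last field; the anon=0 check goes beyond the message and rests on share_nfs mapping unknown users, including remote root, to the anon UID. The sample input is constructed.

```shell
#!/bin/sh
# audit_dfstab [FILE...]: read Solaris dfstab text (stdin if no FILE given) and
# print "<pathname> <option>" for every share that lets remote root act as root.
audit_dfstab() {
    awk '
    {
        sub(/#.*/, "")                  # drop comments, whole-line or trailing
        if ($1 != "share") next         # only share commands matter
        opts = ""
        for (i = 2; i < NF; i++) {      # last field is the pathname
            if ($i == "-o") opts = $(i + 1)              # "-o rw,root=..."
            else if ($i ~ /^-o./) opts = substr($i, 3)   # "-orw,root=..."
        }
        n = split(opts, o, ",")
        for (j = 1; j <= n; j++)
            # root=<list>: root on the named clients keeps UID 0.
            # anon=0 (assumption from share_nfs, not in the message):
            # unknown users, remote root included, are mapped to UID 0.
            if (o[j] ~ /^root=/ || o[j] == "anon=0")
                print $NF, o[j]
    }' "$@"
}

# Constructed sample input, not taken from a real server.
audit_dfstab <<'EOF'
# /etc/dfs/dfstab (constructed sample)
share -F nfs -o rw=foo:bar,root=foo:bar /stuff
share -F nfs -o ro -d "docs" /export/docs
share -F nfs -o rw,anon=0 /export/scratch
EOF
```

On a server, run it as `audit_dfstab /etc/dfs/dfstab`; empty output means no share line in that file grants remote root access.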