On Tue, 2006-06-20 at 13:20 +0100, Keith G. Robertson-Turner wrote: > Garry T. Williams wrote: > > On Tuesday 20 June 2006 04:31, Keith G. Robertson-Turner wrote: > >> Dan wrote: > > >>> I have an FC5 server which has exported /home via NFS. Client > >>> machines automount /home. > > >> Using /home as a network share is inherently insecure, > > > What does that mean? Paranoia :) > Threats To Server Security > https://www.redhat.com/docs/manuals/linux/RHL-8.0-Manual/security-guide/s1-risk-serv.html > > ###### > "Inherently Insecure Services > Another example of insecure services are network file systems and > information services such as NFS or NIS which are developed explicitly > for LAN usage but are, unfortunately, extended to include WANs (for > remote users). Note: LAN! IMO, NFS/NIS are perfectly suitable for use inside of a LAN. Of cause these services impose a certain level on insecurity, but at a certain point paranoia has to stop and trust has to start. You don't wear a hardhat and a bullet-proof suite at home, don't you? Uhh, beware, your wife has access to knifes ... ;) Ralf
