Re: nfs

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

Tim wrote:

On Mon, 2007-11-19 at 15:12 +0100, roland wrote:

I used in /etc/exports the option no_root_squash and this does it.


It's not usually a good idea to do that.  Someone being root on one
machine is a risk for that machine.  But if they're also treated as root
across a network, that's even more so.

I can't imagine why root ownership of files ought to be involved in
the /home space, unless you've got someone running as root when they
really shouldn't do, and they're saving files in their homespace.
If this was a followup on the "backup vmware" post, I think the point was to be able to back up all files through a read-only mount. But it probably is a good thing to understand that nfs is not very secure - even if you don't allow root access, it is trivial for someone who can be root on the client machine (or reboot it with a live CD...) to impersonate anyone else. 

--
  Les Mikesell
   lesmikesell@xxxxxxxxx
[Index of Archives]     [Current Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Yosemite News]     [Yosemite Photos]     [KDE Users]     [Fedora Tools]     [Fedora Docs]

  Powered by Linux