Re: FC5, Firefox, NFS /home

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Tue, 2006-06-20 at 16:51 +0200, Ralf Corsepius wrote:

> > > IMO, NFS/NIS are perfectly suitable for use inside of a LAN. Of cause
> > > these services impose a certain level on insecurity, but at a certain
> > > point paranoia has to stop and trust has to start.
> > 
> > NFS allows anyone who can become root on any machine allowed to
> > access it (perhaps by booting a Knoppix CD...) to mount and access
> > anything.  Even if you don't permit root access, anyone who is
> > root locally can pretend to be anyone else.
> And where is the problem? Anyone with physical access to a box, can
> become root anywhere.

That *is* the problem.  Your server may be in a secure room, but
anything shared via NFS is open to anyone with physical access
to any box on the network - or within wireless range if you have
a wireless LAN. 
-- 
  Les Mikesell
   lesmikesell@xxxxxxxxx




[Index of Archives]     [Current Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Yosemite News]     [Yosemite Photos]     [KDE Users]     [Fedora Tools]     [Fedora Docs]

  Powered by Linux