Ldap authentication and NFS mounts
- From: linuxnewbie1234 <linuxnewbie1234@xxxxxxxxxxx>
- Date: Tue, 27 Feb 2007 18:01:20 +0100
Hi all,
we recently set up a MacOsX fileserver/ldap-server which should provide centralized authentication for all our computers and provide the home directories for all the users, so that an user can log in to whatever machine and see his own home directory.
We have both Windows and Linux client machines. Windows imports them via the domain system / CIFS (I suppose... somebody else is doing this part).
On Linux we were thinking about using NFS to share the homes.
The problem is that in Linux, the root of each machine can just do "su" to become whatever other user, and see the home of whatever other user from the MacOsX fileserver mount! This is not what we want.
Is there any way to prevent this? Can we mount the directories via SMB, and would this help?
Note that for now we were only able to do the mount of the homes in linux machines *statically*, that is, with an entry in fstab which mounts all the homes together, and not user-by-user at the moment of login. Is our vulnerability only caused by this or it would exist anyway?
Thanks for any help.
We are newbies of this ldap/windows-domain and shared homes thing.
.
- Follow-Ups:
- Re: Ldap authentication and NFS mounts
- From: Walter Mautner
- Re: Ldap authentication and NFS mounts
- From: J.O. Aho
- Re: Ldap authentication and NFS mounts
- Prev by Date: Re: Newbie Question
- Next by Date: Re: Ldap authentication and NFS mounts
- Previous by thread: Simple Shell Script
- Next by thread: Re: Ldap authentication and NFS mounts
- Index(es):
Relevant Pages
|
