Re: passwords within a small LAN: how?
From: Les Mikesell (lesmikesell_at_comcast.net)
Date: Sat, 02 Aug 2003 18:30:00 GMT
"Jingleheimer" <email@example.com> wrote in message
> > It should be enough to have the same uid on the NFS client and NFS
> > server, as soon as the export is "rw", and you mount the export with the
> > right login/pass.
> Yes---I find that it does work. But couldn't somebody set up a machine
> with the same uid and same login as a target user without knowing the
> password, then just connect to the network and access the target's files?
That is an issue with NFS in general regardless of the way you
handle authentication. For a small lan you can limit the hosts
that are allowed to connect to block unknown machines
but you still have the problem that anyone who can be root on his
own machine can pretend to be anyone else in the system since
root is allowed to su to anyone else.
--- Les Mikesell firstname.lastname@example.org