Re: passwords within a small LAN: how?
From: Les Mikesell (lesmikesell_at_comcast.net)
Date: 08/02/03
- Next message: Rod Smith: "Re: ADSL modems and Linux"
- Previous message: Rohan Beckles: "NAT, IRC and DCC file transfers"
- In reply to: Jingleheimer: "Re: passwords within a small LAN: how?"
- Next in thread: Jingleheimer: "Re: passwords within a small LAN: how?"
- Reply: Jingleheimer: "Re: passwords within a small LAN: how?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Date: Sat, 02 Aug 2003 18:30:00 GMT
"Jingleheimer" <johnjacob@foobar.schmidt.com> wrote in message
news:3F2ACEF4.9030709@foobar.schmidt.com...
> >
> > It should be enough to have the same uid on the NFS client and NFS
> > server, as soon as the export is "rw", and you mount the export with the
> > right login/pass.
> >
>
> Yes---I find that it does work. But couldn't somebody set up a machine
> with the same uid and same login as a target user without knowing the
> password, then just connect to the network and access the target's files?
That is an issue with NFS in general regardless of the way you
handle authentication. For a small lan you can limit the hosts
that are allowed to connect to block unknown machines
but you still have the problem that anyone who can be root on his
own machine can pretend to be anyone else in the system since
root is allowed to su to anyone else.
---
Les Mikesell
lesmikesell@comcast.net
- Next message: Rod Smith: "Re: ADSL modems and Linux"
- Previous message: Rohan Beckles: "NAT, IRC and DCC file transfers"
- In reply to: Jingleheimer: "Re: passwords within a small LAN: how?"
- Next in thread: Jingleheimer: "Re: passwords within a small LAN: how?"
- Reply: Jingleheimer: "Re: passwords within a small LAN: how?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Relevant Pages
|
