"Michael H. Warfield" wrote:
> Snicker... I don't think so...
>
> I know of at least one "exploit" that let a user create a suid
> root file for Unix on a Novel NFS server just by making it "read only".
>
I'm sure everyone can drag a lot of skeletons out of the closet regarding
NetWare 3.x security. Big deal ! If you're still running 3.x, well, let's just
say these things are no suprise. Would you expect an 8 year old version of Unix
to be secure ? NFS is only as secure as the access you allow it to the UNIX
volume - if I let you have write access to the root of my server, then I deserve
what I get. Whether I get that access through NFS, NetWare NFS, TFTP - hardly
matters...
<snip>
> Considering the insular, closed, proprietary
> environment they are coming from, I don't really think they have much of
> a security clue.
>
Hmmm... this would be opposed to a forward thinking, open, security concious
company like, say, Microsoft ?
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
