Chad Perrin <[EMAIL PROTECTED]> writes: > On Thu, Dec 20, 2007 at 09:32:50AM -0500, Lowell Gilbert wrote: >> RA Cohen <[EMAIL PROTECTED]> writes: >> >> > I am sorry, here is an addendum to my previous post: >> > >> >>>Somehow Ubuntu was given root user >> > permissions<< >> > >> > Actually, upon rereading my notes, Ubuntu was only given permissions of >> > the user doing the login - not root - but we could login with any valid >> > user apparently FreeBSD thought it was presented with a wildcard password. >> > >> > And I can also verify that FreeBSD clients are able to use the password >> > map when x is used instead of * in the map to represent the password. So I >> > can secure the system using the x but still cannot get Ubuntu clients to >> > authenticate. >> >> Sounds like Ubuntu is using the wrong map, probably one where it's >> getting a different and empty field where it expects to find a password. > > The behavior with an asterisk instead of an X is pretty worrisome, > however, and is not strictly Ubuntu's fault. Security of a server should > not rely on the good will and competence of the client developers.
I agree with the latter sentence, but not the former. When using NFS (without Kerberos), it is built into the protocol that the server trusts the client on the UID/GID. That is a good reason not to use NFS in an untrusted environment, but there really isn't anything FreeBSD can do about it. _______________________________________________ email@example.com mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"