Ehud Karni wrote: > On 15 Nov 2002 00:28:00 +0200, Meir Michanie <[EMAIL PROTECTED]> wrote: >>3. get the private key from one compromised client and you have root >>control over the net, next step would be ssh root@server -i >>compromised-key > > That is not true. The intruder has already root privile for the > broken in system and all she can do is what she can do localy on > that system (she can not run anything on the NFS host directly).
Indeed, not directly. But the intruder can get access any of the files which the server exports to this client. This usually includes the home directories of all users (bad enough!), and possibly includes the home directory of the server's root or someone who frequently performs tasks as server root. > So it's quite secure (as secure as SSH for login). Hardly. NFS over SSH buys you security from outsiders, but the only thing it buys you with respect to insiders (or their compromised boxes) is accountability (you can see which SSH key was used to connect, *if* you can spot the exact time of intrusion and have sufficiently detailed logs and server root wasn't compromised). Eran ================================================================= To unsubscribe, send mail to [EMAIL PROTECTED] with the word "unsubscribe" in the message body, e.g., run the command echo unsubscribe | mail [EMAIL PROTECTED]
