On Sunday 23 December 2007 19:31:45 primm wrote: > > > > nfs is good, it mostly just works. But v3 has drawbacks in security, > > > > so if you're not in total control of the network, it might not be so > > > > good > > > > > > > > nfsv4 + kerberos can provide real authentication and encryption > > > > though, so you still don't have to abandon nfs > > > > > > 4 years ago it cost me two days work and a 300 Euro installation cost > > > from an engineer who also sold me the licences for my workstations. > > > That was w2000. > > > > > > It was plagued by viruses and most of my hardware wan't recognised so I > > > had to fork out for new machines too. 5000 Euros later. > > > > > > I'm now reading that Linux nfs which I installed by yast all by myself > > > is also a security risk. > > > > It is a security risk in that it's not encrypted. > > > > Another problem is that the nfs server in versions 3 and below fully > > trusts the client about user IDs. It won't put viruses on your machines, > > but it does mean that if you don't control the root account on all > > machines, anyone can read any file, or write to any share. > > What? So, I login as me. There is no way nfs will let me write to the > folders of other users. Unless the other user has given me permission to do > so. What do you mean by 'control the root account on all machines'? No one > else other than me can login as root on any box on my network.
That is exactly what I mean by "controlling the root account". So you don't have a problem then Anders -- Madness takes its toll -- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
