Bopolissimus Platypus said: > I am, however, concerned about the fact that anyone who can fake my IP > (e.g., if i'm not in the office or my computer is off) can get all my > access rights on the nfs server simply by setting his IP to mine and > setting his uid to mine). >
If these are your only concerns, you can force your nfs server to communicate with your machine by setting its ethernet address fixed in /etc/ethers. That way, even when your machine is off, it will simply ignore clients with different ip-mac address pairs. Of course, there is a loophole here. That is if somebody finds an ethernet card with programmable mac address. on the higher level, you may as well try client authentication based on kerberos. rowel -- Philippine Linux Users' Group (PLUG) Mailing List [EMAIL PROTECTED] (#PLUG @ irc.free.net.ph) Official Website: http://plug.linux.org.ph Searchable Archives: http://marc.free.net.ph . To leave, go to http://lists.q-linux.com/mailman/listinfo/plug . Are you a Linux newbie? To join the newbie list, go to http://lists.q-linux.com/mailman/listinfo/ph-linux-newbie
