Hi > Tilo Lutz [EMAIL PROTECTED] wrote: > > Ups, I'm sorry, I mean root_squash. I looked in the wrong line > > Although as local root it's possible to get access to data > > with "su $user" because with su the user id is not 0 and > > access will be granted. > > It is always possible - as long as your "pam.conf", "login.conf" or > whatever allows for it. and there is no way to prevent this with an untrustable root on client side.
> It has nothing to do with NFS. If you don't want it (and still let > people know each other password) - simple take shell access away from > them. This won't be a solution because as I told you I can't trust root on the clients. Students have to be root for educational reasons on the client. The problem with NFS is it trusts remote uid numbers and ip numbers wich in not very secure in both cases. Why should people know each other password? > All this can be described as "Basic Unix administration" and has > nothing to do with Samba ... I aggreee with you. Paul Gienger wrote I should use NFS and I wrote I can't use it because it is too insecure for my usage. NFS can only be used in a closed trusted network. It's always possible to get all data from an NFSv3 server with faked IPs and uidNumbers. This is not possible with samba because the password is always required. So back to my first question: Why doesn't kde run with a homedir mounted via cifs? Cheers, Tilo -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
