On Fri, Feb 04, 2005 at 02:05:18AM +0100, Andre Majorel wrote: > I hadn't thought of putting the NFS server in a UML. Although > the spoofing issue remains, that's better than what I had in > mind.
On 2.6, you can now do authentication with GSSAPI for NFSv3 as well as NFSv4. > It's not clear to me why a VFS API would be easier to exploit > than a TCP/IP stack and a set of four or five daemons > implementing a protocol than wasn't designed with security in > mind but I'm too ignorant to argue either way. > Got to look into shfs too. Three more experimental options: NFSv4 in the 2.6 kernel. Has the advantage of doing communication over a single socket, designed for longer latency connections, potential for delegation, etc. This "experimental" option is actually supposed to work. :-) You might want to try David Howell's cachefs with it; look in AKPM's -mm tree for the patches.] On the wildly experimental side, there is the Global Filesystem, GFS, which uses shared storage (ie., each UML would mount ubdX=<>). Source RPM packages can be found in the Fedora development tree: http://download.fedora.redhat.com:/pub/fedora/linux/core/development/SRPMS [Seems cvs.fedora.redhat.com is down until Monday.] If you need a network filesystem, you might have a look at v9fs ( http://v9fs.sourceforge.net/ ), which implements the 9P2000 protocol derived from Plan 9. Files are served from the host with u9fs, which runs as a normal user process over a single TCP socket. With any of these options, beware on non-POSIX filesystem semantics. Bill Rugolsky ------------------------------------------------------- This SF.Net email is sponsored by: IntelliVIEW -- Interactive Reporting Tool for open source databases. Create drag-&-drop reports. Save time by over 75%! Publish reports on the web. Export to DOC, XLS, RTF, etc. Download a FREE copy at http://www.intelliview.com/go/osdn_nl _______________________________________________ User-mode-linux-user mailing list User-mode-linux-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/user-mode-linux-user
