On Thu, 27 Sep 2001, Peter Jay Salzman wrote: > if anyone has any tips on optimizing nfs or making it more secure, i'm all > ears too.
"Squash root" (that is, prohibit root SUID executables over the NFS mounted directories) when using NFS. This is the standard security measure used when running NFS, but may or may not be set by default in the configuration files. As I understand NFS, its protocol is inherently insecure (I think it just passes around some tokens with little authentication). If you trust your firewall and everyone behind it then you should be okay. For all practical purposes it should be alright, but you never know. -Mark -- Mark K. Kim http://www.cbreak.org/mark/ PGP key available upon request.
