Mailinglist Archive: opensuse (1445 mails)

< Previous Next >
Re: [opensuse] SAMBA.
Carlos E. R. said the following on 03/16/2012 07:15 AM:
On 2012-03-16 02:18, James Knott wrote:
Carlos E. R. wrote:
On the other hand, Linux native filesystem protocol, NFS, has no passwords
at all, it is completely insecure.

I thought NFS access was via user ID.

Precisely.
And they can be faked.

The drawback of this is different
users could have the same ID on different computers. For example, I could
be user 1000 on my computer and you would be 1000 on yours. An NFS file
server sharing for ID 1000 couldn't tell the difference between me & you.

Absolutely. Users can not be remapped, to my knowledge.

While I count my self fortunate in that I've always been able to ensure
matching user IDs, I thought there was a tool for remapping ...
nfsmapid(4) or rpc.idmapd and idmapd.conf(5)

http://www.dcache.org/manuals/Book-2.1/config/cf-idmap-fhs.shtml
https://wiki.archlinux.org/index.php/NFSv4#ID_mapping

There's probably more too it and there's probably a need to experiment,
but this isn't a "there isn't a way" suituation.

Oh, yes, there will be user IDs that don't map, a user that exists on
one machine and not the other. Such is real life.

--
Leadership is understanding people and involving them to help you do a
job. That takes all of the good characteristics, like integrity,
dedication of purpose, selflessness, knowledge, skill, implacability, as
well as determination not to accept failure. ~ Admiral Arleigh A. Burke
--
To unsubscribe, e-mail: opensuse+unsubscribe@xxxxxxxxxxxx
To contact the owner, e-mail: opensuse+owner@xxxxxxxxxxxx

< Previous Next >
Follow Ups