Mailinglist Archive: opensuse (1445 mails)

< Previous Next >
Re: [opensuse] SAMBA.
On 16/03/12 13:05, James Knott wrote:
lynn wrote:
On 16/03/12 02:18, James Knott wrote:
Carlos E. R. wrote:
On the other hand, Linux native filesystem protocol, NFS, has no
passwords
at all, it is completely insecure.

I thought NFS access was via user ID. The drawback of this is different
users could have the same ID on different computers. For example, I
could be user 1000 on my computer and you would be 1000 on yours. An NFS
file server sharing for ID 1000 couldn't tell the difference between me
& you.

But surely, no decent admin would allow her network to have id
collision. e.g. Yast always chooses a unique uid be it /etc/passwd or
ldap.
L x

That's ssuming the admin controlled all the computers on a network.
What's to stop someone from bringing in a notebook and plugging it in?
At many companies, nothing.


Hi

The admin controls _every_ computer on the network. It's one thing plugging in your laptop and a totally different thing authenticate using it. For us it's easy. Under Kerberos, you'd need to decrypt a machine and a user key in under 8 hours. I don't think it can be done.

L x
--
To unsubscribe, e-mail: opensuse+unsubscribe@xxxxxxxxxxxx
To contact the owner, e-mail: opensuse+owner@xxxxxxxxxxxx

< Previous Next >
Follow Ups