Joe Sloan wrote:
Anders Johansson wrote:
It is a security risk in that it's not encrypted.
Another problem is that the nfs server in versions 3 and below fully trusts the client about user IDs. It won't put viruses on your machines, but it does mean that if you don't control the root account on all machines, anyone can read any file, or write to any share.
Nah, if you use root_squash that isn't going to happen. remote nfs root access gets mapped to nobody, with limited rights and privileges.
He's talking about someone having access to a root account, and making a fake ID with the same UID number as another legitimate account (usually for the purpose of data espionage or data sabotage/destruction).
Joe
-- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org