l i n u x - u s e r s - g r o u p - o f - d a v i s
L U G O D
 
Next Meeting:
December 2: Social gathering
Next Installfest:
TBD
Latest News:
Nov. 18: Club officer elections
Page last updated:
2001 Dec 30 17:10

The following is an archive of a post made to our 'vox-tech mailing list' by one of its subscribers.

Report this post as spam:

(Enter your email address)
Re: [vox-tech] adventures in NFS land
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [vox-tech] adventures in NFS land



On Thu, 27 Sep 2001, Peter Jay Salzman wrote:

> if anyone has any tips on optimizing nfs or making it more secure, i'm all
> ears too.

"Squash root" (that is, prohibit root SUID executables over the NFS
mounted directories) when using NFS.  This is the standard security
measure used when running NFS, but may or may not be set by default in the
configuration files.

As I understand NFS, its protocol is inherently insecure (I think it just
passes around some tokens with little authentication).  If you trust your
firewall and everyone behind it then you should be okay.  For all
practical purposes it should be alright, but you never know.

-Mark

--
Mark K. Kim
http://www.cbreak.org/mark/
PGP key available upon request.


LinkedIn
LUGOD Group on LinkedIn
Sign up for LUGOD event announcements
Your email address:
facebook
LUGOD Group on Facebook
'Like' LUGOD on Facebook:

Hosting provided by:
Sunset Systems
Sunset Systems offers preconfigured Linux systems, remote system administration and custom software development.

LUGOD: Linux Users' Group of Davis
PO Box 2082, Davis, CA 95617
Contact Us

LUGOD is a 501(c)7 non-profit organization
based in Davis, California
and serving the Sacramento area.
"Linux" is a trademark of Linus Torvalds.

Sponsored in part by:
O'Reilly and Associates
For numerous book donations.