On Wed, 6 Dec 2017 at 11:38:25 +0100 Didier Kryn <k...@in2p3.fr> wrote:
> Le 05/12/2017 à 23:54, Alessandro Selli a écrit : > > On 05/12/2017 at 11:46, Yevgeny Kosarzhevsky wrote: > > > > [...] > > > >> Any good reason to refuse NFS in favor of those? > > In short: no. Just be aware that NFS is as secure as the trusted networks > > it sits on. Any inside compromised machine can jeopardize the whole > > distributed filesystem. > BTW, there's nothing secret in /usr. But you would mind a rogue node serving an NFS client of yours a malicious binary executable or library in place of the original one, wouldn't you? Privacy is just one, not the sole security concern. Integrity is, too. Alessandro _______________________________________________ Dng mailing list Dng@lists.dyne.org https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng
