On Wed, 6 Dec 2017 at 12:09:43 +0100 Didier Kryn <k...@in2p3.fr> wrote:
> Le 06/12/2017 à 11:53, Alessandro Selli a écrit : >> On Wed, 6 Dec 2017 at 11:38:25 +0100 >> Didier Kryn <k...@in2p3.fr> wrote: >> >>> Le 05/12/2017 à 23:54, Alessandro Selli a écrit : >>>> On 05/12/2017 at 11:46, Yevgeny Kosarzhevsky wrote: >>>> >>>> [...] >>>> >>>>> Any good reason to refuse NFS in favor of those? >>>> In short: no. Just be aware that NFS is as secure as the trusted >>>> networks it sits on. Any inside compromised machine can jeopardize the >>>> whole distributed filesystem. >>> BTW, there's nothing secret in /usr. >> But you would mind a rogue node serving an NFS client of yours a >> malicious binary executable or library in place of the original one, >> wouldn't you? Privacy is just one, not the sole security concern. >> Integrity is, too. > > Sure. Lock the room :-) I just lock the network. Alessandro _______________________________________________ Dng mailing list Dng@lists.dyne.org https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng