Hans,
this one is difficult and there are no good solutions. there are
good pointers though: 0. do frequent backups. 1. guard the passwords, 2.
change passwords frequently, 3. guard the passwords and never, ever send
them in open text over the network. 3. leads directly to 4. use only ssh
to log in, disable telnet permanently. 4. if at all possible, have common
directory 440 for all the users and writable only by few select
moderators, better yet, have users full control of their own data with
posting priviledges to 1 directory that is "continously" backed up to a ro
directory. the backups have to create new versions every time a file is
changed. this is pretty paranoid and rather expensive, but about as safe
as you can get and still do collaborative work. much of the backup and
versioning can be don for you by good development / versioning packages.
there are a few commercial ones and they can get pretty paranoid and
expensive. never used them, but understand from those that do, that
managing versioning in a project development cycle often is a full time
job of high responsibility. julius
On Tue, 5 Mar 2002, Hans Ekbrand wrote:
> On Tue, Mar 05, 2002 at 04:18:54PM -0500, Julius Szelagiewicz wrote:
> > No, nfs mounted writable directories are not a security risk, provided
> > that the ownership and permissions on the higher level directoris are not
> > compromised. what you also need to do is to make sure that there are some
> > reasonable limits on the file size for users, so that you don't run out of
> > space on /home. julius
>
> I was not thinking on system security, but the security you would want
> to grant the *users*, e.g. that no cracker (other user) wipes out their
> research project files.
>
> --
>
> Hans Ekbrand
_____________________________________________________________________
Ltsp-discuss mailing list. To un-subscribe, or change prefs, goto:
https://lists.sourceforge.net/lists/listinfo/ltsp-discuss
For additional LTSP help, try #ltsp channel on irc.openprojects.net
