Hans,
        you are not wrong. if security is a very big concern, use samba
instead of nfs. samba will do just about any authentication you want since
it can be compiled to use PAM (Pluggable Authentication Module).
julius

On Thu, 7 Mar 2002, Hans Ekbrand wrote:

> On Wed, Mar 06, 2002 at 12:02:04AM +0100, Hans Ekbrand wrote:
> > On Tue, Mar 05, 2002 at 05:26:58PM -0500, Julius Szelagiewicz wrote:
> > > On Tue, 5 Mar 2002, Hans Ekbrand wrote:
> > > > I was not thinking of system security, but the security you would want
> > > > to grant the *users*, e.g. that no cracker (other user) wipes out their
> > > > research project files.
> >
> > > Hans,
> > >   this one is difficult and there are no good solutions. there are
> > > good pointers though: 0. do frequent backups. 1. guard the passwords, 2.
> > > change passwords frequently, 3. guard the passwords and never, ever send
> > > them in open text over the network. 3. leads directly to 4. use only ssh
> > > to log in, disable telnet permanently. 4. if at all possible, have common
> > > directory 440 for all the users and writable only by few select
> > > moderators, better yet, have users full control of their own data with
> > > posting privileges to 1 directory that is "continuously" backed up to a ro
> > > directory. the backups have to create new versions every time a file is
> > > changed. this is pretty paranoid and rather expensive, but about as safe
> > > as you can get and still do collaborative work.
> >
> > Good points.
> >
> > You are right, rw NFS isn't that bad. I did not know of the "security"
> > option that forces the client to use a low port to access NFS shares.
> > That makes a big difference in a private, hostile network.
>
> After contemplating the matter for a while, I still think it is a
> serious security risk. As far as I know there is no password
> authentication involved with NFS, so you only have to a) bind to a low
> port and b) use the same UID on the client as the user that has files
> on the NFS share that you want (rw) access to.
>
> Now, consider a malicious user, who has prepared his laptop at home,
> plugs it in to the local network, uses the same ip as one of the LTSP
> servers, runs a bad script, and in a moment every user's files are gone! An
> alternative way would be booting from a customized floppy, if the thin
> clients offer that possibility.
>
> I have only a limited understanding of security issues, but am I wrong
> here?
>
> --
>
> Hans Ekbrand


_____________________________________________________________________
Ltsp-discuss mailing list.   To un-subscribe, or change prefs, goto:
      https://lists.sourceforge.net/lists/listinfo/ltsp-discuss
For additional LTSP help,   try #ltsp channel on irc.openprojects.net
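
An added example, not part of the thread: a small audit of an NFS exports file for the settings discussed above (rw shares that rely on the client-supplied UID, and the low-port check). It assumes Linux exports(5) syntax and that the "security" option Hans mentions is the `secure` export option (whose opposite is `insecure`); the sample paths and addresses are constructed.

```python
import re

# Constructed sample in exports(5) syntax; paths and hosts are made up.
SAMPLE_EXPORTS = """\
# home directories for the thin clients
/home        192.168.0.0/24(rw,sync)
/opt/ltsp    192.168.0.0/24(ro,insecure)
/srv/project *(rw,no_root_squash)
/srv/secure  192.168.0.0/24(rw,sec=krb5p)
"""

# One client token: "host(opt,opt)", "host", or "(opt)" meaning any host.
TOKEN = re.compile(r"^([^()]*)(?:\(([^)]*)\))?$")


def audit_exports(text):
    """Return (path, client, finding) tuples for risky export settings.

    Simplification (assumption): no backslash line continuations and no
    quoted paths containing spaces.
    """
    findings = []
    for raw in text.splitlines():
        parts = raw.split("#", 1)[0].split(None, 1)
        if len(parts) < 2:
            continue  # blank line, comment, or path without a client list
        path, clients = parts
        for tok in clients.split():
            m = TOKEN.match(tok)
            if not m:
                continue  # malformed token, skipped rather than guessed at
            client = m.group(1) or "*"
            opts = {o for o in (m.group(2) or "").split(",") if o}
            flavors = [f for o in opts if o.startswith("sec=")
                       for f in o[4:].split(":")]
            # Default flavor is sys: the server believes the UID the client sends.
            sys_auth = not flavors or "sys" in flavors
            writable = "rw" in opts
            if writable and sys_auth:
                findings.append((path, client, "auth_sys_rw"))
            if "insecure" in opts:  # requests from ports >= 1024 are accepted
                findings.append((path, client, "insecure_port"))
            if "no_root_squash" in opts:  # client root keeps UID 0 on the share
                findings.append((path, client, "no_root_squash"))
            if writable and "*" in client:
                findings.append((path, client, "wildcard_rw"))
    return findings


if __name__ == "__main__":
    for finding in audit_exports(SAMPLE_EXPORTS):
        print(*finding)
```
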
