I've been using NFS on my LAN for a while, but that's a totally
unacceptable solution for anything but completely trusted networks.
Also, SunRPC doesn't exactly have the greatest track record in terms of
security. Are there any alternatives to NFS that behave in a similar
fashon (just mount them and they're there as though they were local
filesystems) that are a bit more secure (possibly offering some form of
authentication in addition to just trusting the host, possibly enforcing
some form of user rights so a person can't own a single system and
pretend to be any user they want, etc)?
I'm looking to implement part of a Linux based lab where I can either
dynamically mount each user's home directory when they log in (this is
against a Novell 5 server) or I could possibly mount the whole homes
tree, but that wouldn't work very well (see earlier comment about a
local compromise leading to full rights on the network).
I'm also looking for ways to authenticate against a central directory
(Novell NDS in this case, but I might also want to do some of this at
home where I don't run Novell).
Warren, I'm pretty sure you have some experience with this; care to
share? :)
--MonMotha
- [luau] (Secure) NFS alternatives and centralized authenticat... MonMotha
-
