Re: [scottish] htdocs as NFS Share

Sun, 06 Jan 2002 10:25:07 -0800 

Hi Mike,

On Fri, 4 Jan 2002, Iain Conochie wrote:
> > /home. (rw, no_root_squash)
> > /www. apollo (rw, no_root_squash)

(I'm assuming that the ``.''s after www and home aren't in the original
/etc/exports file :)

It looks like the security is a little broken here. You're exporting both
/home and /www as (rw, no_root_squash) to the whole world (which seems a
little rash)

If you want to restrict NFS access of /www to apollo, you must not have a
space between "apollo" and "(rw, no_root_squash)". The export(5) Linux man
page is woefully underdescriptive of this fact, but look at the examples
at the bottom.

Its a classic one-character-wrong root compromise, mistyping:
  / trusted_machine(rw, no_root_squash)
as
  / trusted_machine (rw, no_root_squash)


HTH

Paul.

> 
> Try putting in the ip address of apollo instead of the name - it may not
> be resolving it properly.
> 
> >
> > Also, should my apache doc root be owned by root:root?
> 
> >
> > Any help greatly appreciated,
> >
> > best wishes
> >
> > Mike
> > --------------------------------------------------------------------
> > http://www.lug.org.uk                   http://www.linuxportal.co.uk
> > http://www.linuxjob.co.uk               http://www.linuxshop.co.uk
> > --------------------------------------------------------------------
> >
> 
> 
> --------------------------------------------------------------------
> http://www.lug.org.uk                   http://www.linuxportal.co.uk
> http://www.linuxjob.co.uk               http://www.linuxshop.co.uk
> --------------------------------------------------------------------
> 

------------------------------------------------------------------------------
Paul Millar                            yo-yo, n. :
Particle Physics Theory Group              Something that is occasionally
Department of Physics and Astronomy        up but normally down.
University of Glasgow,                     (see also Computer)
Glasgow G12 8QQ,                                       [EMAIL PROTECTED]
Scotland                                               +44 (0)141 330 4717
------------------------------------------------------------------------------

--------------------------------------------------------------------
http://www.lug.org.uk                   http://www.linuxportal.co.uk
http://www.linuxjob.co.uk               http://www.linuxshop.co.uk
--------------------------------------------------------------------

Reply via email to