On Tuesday 11 May 2004 08:34 am, Andrew Jorgensen wrote: > Squashing root is about all you can do to make NFS safe for the server, > but it doesn't help much. The problem is that an attacker can set his > uid to whatever he wants and have access to files owned by that uid. He > just can't mess with files owned by root.
So are you saying that making modifications to hosts.allow / hosts.deny doesn't help any? Also, from what I have learned, you "export" to IP addresses. Course, seeing what I've seen, I assume these things can be faked. > > On each client, 128.187.200.251:/home is mounted to /home (I point local > > users elsewhere) On user set up, should I use > > 128.187.200.251:/home/username instead of /home/username? > > Will that even work? I don't think it will. You could use autofs if you > wanted the real location of a user's home to be more agile, but that's > probably not what you want. I dunno, that is why I asked. But I guess since it's been done in fstab, it's really pointless even if you could. -- Jacob Albretsen [EMAIL PROTECTED] ____________________ BYU Unix Users Group http://uug.byu.edu/ ___________________________________________________________________ List Info: http://uug.byu.edu/cgi-bin/mailman/listinfo/uug-list
