[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: openbsd yp security
- To: misc_(_at_)_openbsd_(_dot_)_org
- Subject: Re: openbsd yp security
- From: "David S." <davids_(_at_)_idiom_(_dot_)_com>
- Date: Thu, 30 Jan 2003 21:51:20 -0800
> In an environment using YP and NFS mounted homes, would it be simple to
> masquerade as another uid?? If the server has nothing to do with
> authenticating, yet trusts the client to report it's uid correctly...
> that seems pretty dodgy!!
Which is why to some people NFS is an acronym for "No File Security".
There are some implementation of NFS that require authentication via
a Kerberos ticket or a public key before a client can access an
exported file system. Don't think any of those are supported by
Visit your host, monkey.org