Le 06/12/2017 à 11:53, Alessandro Selli a écrit :
On Wed, 6 Dec 2017 at 11:38:25 +0100
Didier Kryn <k...@in2p3.fr> wrote:
Le 05/12/2017 à 23:54, Alessandro Selli a écrit :
On 05/12/2017 at 11:46, Yevgeny Kosarzhevsky wrote:
[...]
Any good reason to refuse NFS in favor of those?
In short: no. Just be aware that NFS is as secure as the trusted networks
it sits on. Any inside compromised machine can jeopardize the whole
distributed filesystem.
BTW, there's nothing secret in /usr.
But you would mind a rogue node serving an NFS client of yours a malicious
binary executable or library in place of the original one, wouldn't you?
Privacy is just one, not the sole security concern. Integrity is, too.
Sure. Lock the room :-)
Didier
_______________________________________________
Dng mailing list
Dng@lists.dyne.org
https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng
