Meir Michanie wrote: > The problem with using nfs today is authentication (don't read > authorization, it may be another problem) [...] > 3. get the private key from one compromised client and you have root > control over the net, next step would be ssh root@server -i > compromised-key [...]
Yup, NFS is fundamentally broken in this sense. We discussed this issue on linux-il a while ago (subject: "Secure NFS with untrusted clients"), and shockingly enough there weren't any good answers. The alternative filesystems included AFS, SFS, CODA and InterMezzo. Theoretically all are up to the task, but the last three were immature (at least at that time) and AFS lacks Unix filesystem semantics and is horribly complex. More details in the list archives. > I read this article and I do not know if it works on linux. > http://www.unet.univie.ac.at/aix/aixbman/commadmn/nfs_secure.htm This "secure NFS" implementation seems to take a reasonable approach (apart from the use of DES), but I can't find any reference to a non-AIX implementation. > SO, how do you set a roaming profile ($HOME) without compromising the > entire network to make a walk in the park for a newbie hacker? So far it seems that the only simple, mature and widely available filesystem that can handle untrusted clients is Microsoft's SMB (though no Unix semantics for you unless you use a loopback filesystem on top of that). I'll be extremely glad to be proved wrong. Eran ================================================================= To unsubscribe, send mail to [EMAIL PROTECTED] with the word "unsubscribe" in the message body, e.g., run the command echo unsubscribe | mail [EMAIL PROTECTED]
