On 2005-02-02 19:22 -0800, Todd A. Jacobs wrote: > On Wed, Feb 02, 2005 at 11:08:17PM +0100, Andre Majorel wrote: > > > Would you rate hostfs as more or less secure than NFS ? > > Depends on your point of view, but I'd say hostfs is less secure. By > definition, you're giving a UML process access to the host in this > scenario, which seems less than airtight. > > A well-secured NFS implementation running inside UML would seem to be a > more secure alternative, at least from the host system's point of view. > YMMV.
I hadn't thought of putting the NFS server in a UML. Although the spoofing issue remains, that's better than what I had in mind. It's not clear to me why a VFS API would be easier to exploit than a TCP/IP stack and a set of four or five daemons implementing a protocol than wasn't designed with security in mind but I'm too ignorant to argue either way. Got to look into shfs too. Thank you all for the advice. -- André Majorel <URL:http://www.teaser.fr/~amajorel/> Do not use this account for regular correspondence. See the URL above for contact information. ------------------------------------------------------- This SF.Net email is sponsored by: IntelliVIEW -- Interactive Reporting Tool for open source databases. Create drag-&-drop reports. Save time by over 75%! Publish reports on the web. Export to DOC, XLS, RTF, etc. Download a FREE copy at http://www.intelliview.com/go/osdn_nl _______________________________________________ User-mode-linux-user mailing list User-mode-linux-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/user-mode-linux-user
