On Saturday, September 27, 2003, at 03:09  PM, Chuck Yerkes wrote:

> Quoting Max (netbsd-users@NetBSD.org):
>> Hi,
>>
>> I'm a newbie in NFS so excuse me if I did something stupid.
>> I have a problem starting nfsd.
>>
>> I created
>> -rw-rw-r--  1 root  wheel  47 Sep 26 12:21 /etc/exports
>> with
>> /usr/pkgsrc /usr/pkgdist -maproot=root pc2
>>
>> I added
>> mountd=YES
>> nfsd=YES
>> to /etc/rc.conf
>
> You need:
>   rpcbind (aka portmap on some platform).
>   nfsd
>   mountd
>   optionally lockd.
>
> rpcinfo -p localhost
>   should show that nfsd is running (likely on 2049)
>   along with mountd.
>
> And you want files in /etc/ to NOT be group writable as a matter
> of course.  You leave yourself open to easy compromise.  all I
> have to do is get on as a user who happens to be in group wheel
> on your machine and I can export whatever I want, however I want.
> That's bad.
>

Should this get added to the checks in /etc/security?

'find /etc -perm -0022 -print' would do the trick, I believe.

-- Erik