Subject: Re: Starting nfs service
To: None <Netbsd-Users@NetBSD.org>
From: Erik Osheim <firstname.lastname@example.org>
Date: 09/27/2003 15:40:52
On Saturday, September 27, 2003, at 03:09 PM, Chuck Yerkes wrote:
> Quoting Max (netbsd-users@NetBSD.org):
>> I'm a newbie in NFS so excuse me if I did something stupid.
>> I have a problem starting nfsd.
>> I created
>> -rw-rw-r-- 1 root wheel 47 Sep 26 12:21 /etc/exports
>> /usr/pkgsrc /usr/pkgdist -maproot=root pc2
>> I added
>> to /etc/rc.conf
> You need:
> rpcbind (aka portmap on some platform).
> optionally lockd.
> rpcinfo -p localhost
> should show that nfsd is running (likely on 2049)
> along with mountd.
> And you want files in /etc/ to NOT be group writable as a matter
> of course. You leave yourself open to easy compromise. all I
> have to do is get on as a user who happens to be in group wheel
> on your machine and I can export whatever I want, however I want.
> That's bad.
Should this get added to the checks in /etc/security?
'find /etc -perm -0022 -print' would do the trick, I believe.