Subject: Re: FH munging
To: Gordon W. Ross <firstname.lastname@example.org>
From: Jim Reid <email@example.com>
Date: 03/25/1997 09:45:39
>>>>> "Gordon" == Gordon W Ross <firstname.lastname@example.org> writes:
Gordon> As a practical matter, NFS is adequately secure if you
Gordon> keep it protected behind a firewall, as most sites do
Gordon> these days. This also avoids the performance costs of
Gordon> secure RPC, etc.
Sorry, firewalls don't help much (if at all). At best, they can block
off NFS traffic from the outside world. All this does is remove one
not very significant threat. The big danger comes from the internal
users who have the means, motive and opportunity to do evil things on
the LAN if they choose to. In a world where anyone can load UNIX on
their PC and become root, a lot of security assumptions that many
sites (naively) rely upon simply fly out the window.
BTW, the security problems are not really a failing of the NFS
protocol - stateless servers don't help mind you - but of the poor
authentication methods it relies upon.