[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Old(?) NFS security problem
- To: luci-discuss@luci.org
- Subject: Old(?) NFS security problem
- From: Travite Davies <travitedavies@yahoo.com>
- Date: Sun, 31 Jul 2005 18:07:20 -0700 (PDT)
- DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws; s=s1024; d=yahoo.com; h=Message-ID:Received:Date:From:Subject:To:In-Reply-To:MIME-Version:Content-Type:Content-Transfer-Encoding; b=TTk5EOLZDSWblWZEhkjSzgl6d41zdhsqWSry3QUQ38mXPMv9tU/CWePp6C2abB+mPsiSA7k847j+P63t5jHPgsGhigFUdn+DZamBvhafC4XKDLsejTtLLix6bbL9+yCy0p5XugV8qDu9T2sDyw9+5QZp+kVxt5z99lF+GZRgABw= ;
- In-Reply-To: <20050731011749.GA6015@osiris.silug.org>
- Organization: Linux Users of Central Illinois
- Reply-To: luci-discuss@luci.org
- Sender: luci-discuss-owner@luci.org
Hey Everyone,
I am researching NFS for a linux Security and administration course I am taking. I cam across information about a security problem in the NFS HOW-TO Where if the IP is spoofed an attacker can gain access to host. And that if the attacker's Username on the client machine has the same effective UID as the user who's exported volume the attacker is accessing, the attacker is also the owner and can modify files.
I Know the How-to is old, and I was wondering if you can point me in the right direction to sites which address the issue to safe guard against it, or if it is still a problem.
Thank you for any help you can provide
Travis
__________________________________________________
Do You Yahoo!?
Tired of spam? Yahoo! Mail has the best spam protection around
http://mail.yahoo.com