From owner-freebsd-security  Mon May 14 18:41: 1 2001
Delivered-To: freebsd-security@freebsd.org
Received: from cs4.cs.ait.ac.th (cs4.cs.ait.ac.th [192.41.170.16])
	by hub.freebsd.org (Postfix) with ESMTP id 0931637B42C
	for <freebsd-security@FreeBSD.ORG>; Mon, 14 May 2001 18:40:56 -0700 (PDT)
	(envelope-from on@cs.ait.ac.th)
Received: from banyan.cs.ait.ac.th (on@banyan.cs.ait.ac.th [192.41.170.5])
	by cs4.cs.ait.ac.th (8.9.3/8.9.3) with ESMTP id IAA18490;
	Tue, 15 May 2001 08:38:13 +0700 (GMT+0700)
Received: (from on@localhost)
	by banyan.cs.ait.ac.th (8.8.5/8.8.5) id IAA13223;
	Tue, 15 May 2001 08:40:51 +0700 (ICT)
Date: Tue, 15 May 2001 08:40:51 +0700 (ICT)
Message-Id: <200105150140.IAA13223@banyan.cs.ait.ac.th>
X-Authentication-Warning: banyan.cs.ait.ac.th: on set sender to on@banyan.cs.ait.ac.th using -f
From: Olivier Nicole <on@cs.ait.ac.th>
To: rsimmons@wlcg.com
Cc: anderson@centtech.com, JOulman@iphrase.com,
	freebsd-security@FreeBSD.ORG
In-reply-to: <Pine.BSF.4.21.0105141358540.43455-100000@mail.wlcg.com> (message
	from Rob Simmons on Mon, 14 May 2001 14:02:15 -0400 (EDT))
Subject: Re: nfs mounts / su / yp
References:  <Pine.BSF.4.21.0105141358540.43455-100000@mail.wlcg.com>
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org


What about mounting only the user's disk space, and after he has
logged in? If the user authenticate, then the NFS server will export
his home directory to him only.

Would need a mechanism to know when the user logs out too, to reverse
the process.

Beside, why does users need root account?

>I'm running FreeBSD client machines and mixed NFS servers.  My clients
>nfs mount (or automount) the shares from the servers, and all are using

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message