From owner-freebsd-questions Fri Mar 24 09:22:34 1995 Return-Path: questions-owner Received: (from majordom@localhost) by freefall.cdrom.com (8.6.10/8.6.6) id JAA10709 for questions-outgoing; Fri, 24 Mar 1995 09:22:34 -0800 Received: from cs.weber.edu (cs.weber.edu [137.190.16.16]) by freefall.cdrom.com (8.6.10/8.6.6) with SMTP id JAA10703 for ; Fri, 24 Mar 1995 09:22:33 -0800 Received: by cs.weber.edu (4.1/SMI-4.1.1) id AA09610; Fri, 24 Mar 95 10:15:06 MST From: terry@cs.weber.edu (Terry Lambert) Message-Id: <9503241715.AA09610@cs.weber.edu> Subject: Re: your mail To: hh@gate.med-edv.uni-duesseldorf.de (Dr. Olaf Holthausen) Date: Fri, 24 Mar 95 10:15:06 MST Cc: questions@FreeBSD.org In-Reply-To: <199503240718.IAA00237@med-edv.uni-duesseldorf.de> from "Dr. Olaf Holthausen" at Mar 24, 95 08:18:03 am X-Mailer: ELM [version 2.4dev PL52] Sender: questions-owner@FreeBSD.org Precedence: bulk > If I try to mount a directory at an NFS Server, I don't get any access, > the error message is "Permission denied". There is an entry in the > output of mount, but df ignores it. > On the server is an cosole message > "NFS request from unprivileged port." and > "nfs_server: weak authentification" > > The NFS-Server is an SVR4 - System. > > What should I do ? Go into sysadm on the SVR4 box and turn off "secure". Or add the option to the NFS mount line to cause it to use a reserved (privileged -- in the range 1-1023) port. What the option is depends on the version of the mount code you are using (look at the man pages for mount and nfs). What SVR4 is doing is trying to make sure root on the machine doing the mounting is making the request instead of some hacker in a user account using a hack-program to try and break in. This "works" because the only user allowed to allocate an outgoing port in the 1-1023 range is root. This is actually a very weak security "feature"... the root user on a PC is whoever runs the code. Terry Lambert terry@cs.weber.edu --- Any opinions in this posting are my own and not those of my present or previous employers.