Date: Thu, 02 Apr 1998 16:56:19 +0600 From: Anton Voronin <anton@urc.ac.ru> To: freebsd-security@FreeBSD.ORG Subject: Is there a safe way for filesystem export? Message-ID: <35236ED3.E90D12AD@urc.ac.ru>
next in thread | raw e-mail | index | archive | help
Greetings, I have an application server working under 2.2-STABLE which also exports filesystems for workstations which boot by means of netboot from their local DOS-partition. They do not have local unix partitions, except swap, /tmp and /var/tmp partitions. If the user simply cracks BIOS and boots from FreeBSD diskette, he can mount a partition from the server which is exported for read/write and not mapping root to nobody, and, say, place there a setuid file that runs shell. Is there a possibility to authenticate NFS client not only by its IP-address but by some more secure way? Or could it be a subject for further development (if it is not limited by NFS principals)? -- Anton Voronin | Ural Regional Center of FREEnet, <anton@urc.ac.ru> | Southern Ural University, Chelyabinsk, Russia http://www.urc.ac.ru/~anton | Student / programmer / system administrator To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?35236ED3.E90D12AD>