RFS is by far better that NFS!

James Buster bitbug at lonewolf.sun.com
Fri Dec 15 17:02:56 AEST 1989


In article <218 at inpnms.UUCP> logan at inpnms.UUCP (Jim Logan) writes:
> We all have 386's on our desks running RFS and have enjoyed
> having root access to our machines, but not on the server.  From
> what we have read, this is not possible under NFS.  Is this true?  
> 
> We are in the process of changing over to NFS from RFS under
> 386/ix in order to use the large disks on our MV 40000 running
> DG/UX.  
> 
> Is seems that the only way to prevent root access on the server
> under NFS is by appointing one person as the administrator.  It
> doesn't make much sense to have one person responsible for an
> entire network of 386's.  He would have to be responsible for
> changing the mode of files, killing processes, etc.  No one
> around here wants grunt work like this.
> 
> Is this really a security issue, or are we misinformed?  Is
> there a solution?

I'm not sure what question you are asking? Do you mean,
does a root user on the client have normal root file access
permissions on file systems mounted from the server, or is
a root user on the client able to log into the server as root?

By default in NFS, a user with uid 0 is mapped to uid -2 when
check permissions on NFS partitions. This means that a user with
uid 0 cannot normally affect anything on an NFS mounted partition.
This feature may be disabled.

NFS has nothing to do with a user's ability to log in as root
on a server.
--
---------------------------------------------------------------------
        James Buster		(Domain) bitbug at lonewolf.ebay.sun.com
  Mad Hacker Extraordinaire	(UUCP)   ...!sun.com!lonewolf!bitbug
---------------------------------------------------------------------



More information about the Comp.unix.i386 mailing list