|
[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]
I understand your concern with security but I am on a private network that
is firewalled from the internet. No ports other than what I allow go
anywhere else and it is locked down. My level of paranoia is a notch below
most on this group. On a commercial environment it is certainly a
completely different story.
Doug
On Mon, 18 Jun 2007, Matthew Rosewarne wrote:
> It is an overwhelmingly bad idea to use NFS nowadays. The protocol is so
> inherently insecure that using it is tantamount to leaving your screen door
> unlocked in Mogadishu. If you want to copy the odd file between machines,
> it's a much better idea to use shfs (kernel module) or sshfs (FUSE), which
> let you mount a remote directory via SSH. Otherwise, the only reasonable
> ways to run NFS are by running it over IPSEC or by tunnelling it through SSH.
> Using shfs/sshfs is far easier and just as secure.
>
> %!PS: Is the another way to access your files besides using root? The
> security of using another account, possibly with ACLs, is entirely worth it.
>
"Those that sacrifice essential liberty to obtain a little temporary safety
deserve neither liberty nor safety." -- Ben Franklin (1759)
****************************
* Doug Crompton *
* Richboro, PA 18954 *
* 215-431-6307 *
* *
* doug@crompton.com *
* http://www.crompton.com *
****************************
___________________________________________________________________________
Philadelphia Linux Users Group -- http://www.phillylinux.org
Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce
General Discussion -- http://lists.phillylinux.org/mailman/listinfo/plug
|
|