On Thu, Nov 07, 2002 at 03:21:49PM -0800, Todd A. Jacobs wrote:
> On Thu, 7 Nov 2002, Ed Wilts wrote:
>
> > I used 0/0 as an example. If you choose to map source uid/gid of
> > 500/500 to local uid/gid 600/600, then you still trust the remote
> > system's view of who 500/500 is. root_squash does not help you here.
>
> root_squash and all_squash are mapped automatically to nobody. Sure, you
> could override that, but then you can stick a gun barrel in your mouth,
> too; doesn't mean it's wise, and the fault doesn't lay with the gun.
I'll agree with you for readonly file sharing. For read/write, I'll
stick by my claims. I think we were both arguing the same thing except
that I was thinking read/write and you were thinking readonly.
.../Ed
The people that really understand how to manage NFS securely across the
Internet don't post NFS questions to this list :-)
--
Ed Wilts, Mounds View, MN, USA
mailto:ewilts@;ewilts.org
Member #1, Red Hat Community Ambassador Program
--
redhat-list mailing list
unsubscribe mailto:redhat-list-request@;redhat.com?subject=unsubscribe
https://listman.redhat.com/mailman/listinfo/redhat-list
