hi ya rafaele
if the other system needs to be able to read root owned files...
than have this server send that file to the other side
"that file" being one of this types of files:
chmod 400 /etc/foo.txt
chown root.root /etc/foo.txt
scp /etc/foo.txt othersi
> Hi
>
> I recently set up a very little debian system wich i use fo maintaince
> and setup on my clients. Its loaded via the NFSROOT feature of the 2.4
> kernel. To do that i needed to set up a exports entry like:
>
> /path/to/system 10.1.1.0/24(rw,no_root_squash)
while I have not playe
> As you can see this is _very_ insecure cause everyone can conntect and
> alter it who is in my network and has a machine on wich his root.
A sysadmin I know suggested that kerberos authentication could solve this
problem, although I have no idea how it's implemented.
Ben
--
To UNSUBSCRIBE
On Friday 28 June 2002 17:56, Bob Proulx wrote:
> > /path/to/system 10.1.1.0/24(rw,no_root_squash)
>
> Yes. Why do you need the no_root_squash enabled? I strongly
> recommend you disable that. It is hard to think about any other
> security improvements while that is enabled.
I need it becau
hi ya raffaele
On Fri, 28 Jun 2002, Raffaele Sandrini wrote:
> I recently set up a very little debian system wich i use fo maintaince and
> setup on my clients. Its loaded via the NFSROOT feature of the 2.4 kernel. To
> do that i needed to set up a exports entry like:
>
> /path/to/system
> /path/to/system 10.1.1.0/24(rw,no_root_squash)
>
> As you can see this is _very_ insecure cause everyone can conntect and alter
> it who is in my network and has a machine on wich his root.
Yes. Why do you need the no_root_squash enabled? I strongly
recommend you disable that. It is h
6 matches
Mail list logo
