Path: utzoo!utgpu!water!watmath!clyde!att!osu-cis!tut.cis.ohio-state.edu!cs.utexas.edu!sm.unisys.com!hplabs!hpda!hpcuhb!hpcllla!hpclisp!hpclscu!shankar
From: shankar@hpclscu.HP.COM (Shankar Unni)
Newsgroups: comp.unix.wizards
Subject: Re: NFS security
Message-ID: <670028@hpclscu.HP.COM>
Date: 15 Aug 88 00:36:54 GMT
References: <126@leibniz.UUCP>
Organization: HP NSG/ISD California Language Lab
Lines: 16

> removing files from a r-w directory etc). The speaker was not
> overly clear about what the hole was, but he smugly assured me that
> he could do much as he pleased if I were to allow him NFS access from
> a machine on which he was root. Is this a problem with NFS, or
> with the HP or Apollo versions of NFS?

Normally, root on a machine (say, A) which NFS-mounts file systems from
another machine (say, B) gets the uid -2 on machine B. He (/she/it) thus
cannot do much damage on B.

However, there is a configurable option to let root on A get a uid of 0 (or
anything other than -2) on B. Then of course you're playing with fire...

--
Shankar Unni.
Hewlett-Packard.
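
Added example, not part of the original post: a small audit of an exports file that reports every export where root on a client keeps uid 0 on the server instead of being remapped to the anonymous uid. The post names neither the option nor a file format, so Linux exports(5) syntax (no_root_squash, all_squash, anonuid=) is assumed here, and the sample file and host names are constructed.

```python
import re

# Constructed sample in Linux exports(5) syntax (an assumption: the post
# itself names neither the option nor a file format).
SAMPLE_EXPORTS = """\
# constructed sample
/home        hostA(rw,sync)
/srv/build   hostA(rw,no_root_squash) hostC(ro)
/srv/scratch *(rw,all_squash,anonuid=0)
/pub         (ro)
"""

ANON_UID = -2 & 0xFFFF  # uid -2 as an unsigned 16-bit value: 65534
CLIENT = re.compile(r"(?P<host>[^\s()]*)\((?P<opts>[^)]*)\)|(?P<bare>[^\s()]+)")


def root_uid_on_server(opts):
    """uid that root on the client is given on the server for one option list."""
    flags = [o.strip() for o in opts.split(",") if o.strip()]
    anon = ANON_UID
    for flag in flags:
        if flag.startswith("anonuid="):
            anon = int(flag.split("=", 1)[1])
    if "no_root_squash" in flags and "all_squash" not in flags:
        return 0      # root on A stays uid 0 on B
    return anon       # root on A is remapped to the anonymous uid


def audit(text):
    """Return (line, path, client) for each export where client root is uid 0."""
    findings = []
    for lineno, raw in enumerate(text.splitlines(), 1):
        fields = raw.split("#", 1)[0].split(None, 1)
        if not fields:
            continue
        path, rest = fields[0], fields[1] if len(fields) > 1 else ""
        for m in CLIENT.finditer(rest):
            host = m.group("bare") or m.group("host") or "*"  # empty host = any client
            if root_uid_on_server(m.group("opts") or "") == 0:
                findings.append((lineno, path, host))
    return findings


if __name__ == "__main__":
    for lineno, path, host in audit(SAMPLE_EXPORTS):
        print(f"line {lineno}: root on {host} is uid 0 on {path}")
```

Line continuations and quoted paths are not handled; the check covers the two ways the remapping is undone, either by switching it off or by pointing the anonymous uid at 0.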