Path: utzoo!utgpu!attcan!uunet!lll-winken!lll-tis!ames!necntc!dandelion!ulowell!arosen@eagle.ulowell.edu From: arosen@eagle.ulowell.edu (MFHorn) Newsgroups: comp.unix.wizards Subject: Re: NFS security Message-ID: <8610@swan.ulowell.edu> Date: 14 Aug 88 19:35:46 GMT References: <23289@labrea.Stanford.EDU> Sender: news@swan.ulowell.edu Lines: 33 From article <23289@labrea.Stanford.EDU>, by karish@denali.stanford.edu (Chuck Karish): > In article <126@leibniz.UUCP> tpc@leibniz.UUCP (Tom Chmara) writes: >>I have >>been informed that NFS is NOT particularly secure; i.e. "root" >>on one machine can wreak havoc on another An NFS server maps uid 0 from incoming RPC requests to 'nobody', which is configured into the kernel. If 'nobody' is set to 0, then anyone with root access on another machine can get it on yours. The default setting for nobody is (in most implementaions) -2. Also, if you don't export any filesystmes to a particular host, that host can do nothing to your host even if nobody is set to 0. [NFS under Ultrix maps nobody per exported filesystem.] > Some implementations of NFS assume that user ID numbers are congruent > on server and client. This means that a bad guy can empower a > Trojan horse on the remotely-mounted filesystem, then use it from > the server machine to get privileged access. If root access is refused (see above), then the bad guy won't be able to create a set-uid root file on the server. > Do current versions of NFS provide a way for managers to control mapping > of user ID's? The kernel can only map uid 0. Yellow Pages, a service provided with NFS, helps managers maintain a network-wide password file. Andy Rosen | arosen@hawk.ulowell.edu | "I got this guitar and I ULowell, Box #3031 | ulowell!arosen | learned how to make it Lowell, Ma 01854 | | talk" -Thunder Road RD in '88 - The way it should be