Path: utzoo!utgpu!attcan!uunet!husc6!mailrus!ncar!ames!oliveb!sun!ingersoll!sxn From: sxn%ingersoll@Sun.COM (Stephen X. Nahm) Newsgroups: comp.unix.wizards Subject: Re: NFS security Keywords: root mount NFS Message-ID: <64189@sun.uucp> Date: 15 Aug 88 17:06:42 GMT References: <126@leibniz.UUCP> Sender: news@sun.uucp Reply-To: sxn@sun.UUCP (Stephen X. Nahm) Organization: Sun Microsystems, Mountain View Lines: 32 Distribution: In article <126@leibniz.UUCP> tpc@leibniz.UUCP (Tom Chmara) writes: > The speaker was not >overly clear about what the hole was, but he smugly assured me that >he could do much as he pleased if I were to allow him NFS access from >a machine on which he was root. Is this a problem with NFS, or >with the HP or Apollo versions of NFS? The security problems of NFS are well-known. rlogin has a similar hole. For most of its life, NFS has had only one kind of method of authenticating the user. It is called UNIX authentication, and it uses uids and gids to identify the user, but there is no way for the server machine to *verify* that the user has passed a valid uid. If the user can be root on his machine, he or she can then 'su' to any other user he or she pleases to become. A new authentication method was introduced in SunOS 4.0: DES authentication. With this method, a network-wide identifier is constructed for each user, and a password is associated with that identifier. A user must know the password to be allowed to use a particular network-wide identifier. On a UNIX server, the identifier is translated into a uid. DES stands for Data Encryption Standard, and is used to encode a verifier that the server uses to verify the identity. Please refer to RFC1050 for further details on DES Authentication in Sun's RPC. Most companies that support NFS will support DES authentication in the near future. Steve Nahm Portable NFS/ONC Sun Microsystems Steve Nahm sxn@sun.COM or sun!sxn