Path: utzoo!censor!geac!torsqnt!news-server.csri.toronto.edu!cs.utexas.edu!uunet!convex!thurlow From: thurlow@convex.com (Robert Thurlow) Newsgroups: comp.os.os2.misc Subject: Re: TCP/IP & NFS Client for OS/2 systems; what's out there? Message-ID: Date: 2 Jan 91 17:29:47 GMT References: <1990Dec31.144240.13689@arnor.uucp> <4984@idunno.Princeton.EDU> Sender: news@convex.com (news access account) Organization: Convex Computer Corporation, Richardson, Tx. Lines: 29 Nntp-Posting-Host: dhostwo.convex.com In <4984@idunno.Princeton.EDU> marty@puppsr.Princeton.EDU (Marty Ryba) writes: >In article <1990Dec31.144240.13689@arnor.uucp>, yozzo@ibm.com writes: >|> Given [the root password], they can 'su' to any user they wish and >|> therefore can spoof NFS. >What!? From what I understand of NFS (at least Sun NFS), UID root will *NOT* >be accepted for most activities. On SunOS, root on a client machine can only >modify a filesystem if it has been exported -root=. Check the man >page for exportfs. (So I'll be the fifth person to respond. Big deal :-) Yes, but they can try anything they want as any non-root uid, like bin or daemon or whatever works. Check the man page for su :-) Heck, they can probably try all UIDs in a loop without the server even logging a complaint about an apparent spoof attempt. I agree with yozzo; AUTH_UNIX is full of holes and inflexible. The only pluses are that it is cheap to use, easy to implement and does not introduce vexing system administration issues, which I can't say about AUTH_DES. Maybe if we can smooth out the rough spots of AUTH_DES, we can get something we can trust out there. Rob T -- Rob Thurlow, thurlow@convex.com or thurlow%convex.com@uxc.cso.uiuc.edu ---------------------------------------------------------------------- "This opinion was the only one available; I got here kind of late."