Path: utzoo!utgpu!news-server.csri.toronto.edu!cs.utexas.edu!sun-barr!cronkite!exodus!argon.Eng.Sun.COM!db
From: db@argon.Eng.Sun.COM (David Brownell)
Newsgroups: comp.protocols.nfs
Subject: Re: group permissions when root
Message-ID: <15542@exodus.Eng.Sun.COM>
Date: 20 Jun 91 05:07:08 GMT
References: <15008@exodus.Eng.Sun.COM> <6720@eastapps.East.Sun.COM> <4978@skye.ed.ac.uk> <7958@spdcc.SPDCC.COM>
Sender: news@exodus.Eng.Sun.COM
Organization: Sun Microsystems, Mt. View, Ca.
Lines: 18

In article <7958@spdcc.SPDCC.COM> rbraun@spdcc.COM (Rich Braun) writes:
> You're overlooking one thing: if you have two systems A and B, and
> a root user on B su's to some other uid, he now has access to files on
> system A under that new uid. Yet system A didn't grant the access.

Highly dependent on an administrative policy that system A could
have changed if its administrator/owner wanted ...

> This is a security hole under all Unix NFS implementations, as far
> as I know.

Secure NFS, available on SunOS 4.0 (and later) and in UNIX SVr4, has
addressed this problem. Export the file system 'secure'; some other
configuration will be required, as well. It's the same NFS protocol,
but requires a better authentication system.

- Dave
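
Added example, not part of the original post and not Sun's code: a decoder for the RPC credential that accompanies each NFS call, showing that under the AUTH_UNIX flavor the server receives the uid and groups purely as values the client wrote, whereas Secure NFS uses the AUTH_DES flavor. Flavor numbers and field layout follow the ONC RPC specification (RFC 5531); the function names, the `uid_is_client_asserted` key and the sample credential are constructed for illustration.

```python
import struct

# RPC authentication flavors (RFC 5531). AUTH_DES is the one Secure NFS uses.
FLAVORS = {0: "AUTH_NONE", 1: "AUTH_UNIX", 3: "AUTH_DES"}

def _u32(buf, off):
    """Read one big-endian XDR unsigned int, refusing to run off the end."""
    if off + 4 > len(buf):
        raise ValueError("truncated credential")
    return struct.unpack_from(">I", buf, off)[0], off + 4

def parse_auth_unix(body):
    """Decode an AUTH_UNIX body: stamp, machine name, uid, gid, gids."""
    _stamp, off = _u32(body, 0)
    nlen, off = _u32(body, off)
    if nlen > 255 or off + nlen > len(body):
        raise ValueError("bad machine name")
    machine = body[off:off + nlen].decode("ascii", "replace")
    off += (nlen + 3) & ~3              # XDR pads strings to 4 bytes
    uid, off = _u32(body, off)
    gid, off = _u32(body, off)
    ngids, off = _u32(body, off)
    if ngids > 16:                      # protocol limit on supplementary groups
        raise ValueError("too many groups")
    gids = []
    for _ in range(ngids):
        g, off = _u32(body, off)
        gids.append(g)
    return {"machine": machine, "uid": uid, "gid": gid, "gids": gids}

def parse_opaque_auth(buf):
    """Decode one XDR opaque_auth (flavor, length, body) from an RPC call."""
    flavor, off = _u32(buf, 0)
    length, off = _u32(buf, off)
    if length > 400 or off + length > len(buf):
        raise ValueError("bad credential length")
    cred = {"flavor": FLAVORS.get(flavor, "flavor %d" % flavor),
            # With AUTH_UNIX nothing in the call proves the uid; the server
            # is trusting whoever controls the client machine.
            "uid_is_client_asserted": flavor == 1}
    if flavor == 1:
        cred.update(parse_auth_unix(buf[off:off + length]))
    return cred

def sample_auth_unix():
    """Constructed sample: an AUTH_UNIX credential as a capture would show it."""
    name = b"systemB"
    body = struct.pack(">II", 0x5EED, len(name)) + name + b"\0" * (-len(name) % 4)
    body += struct.pack(">IIII", 1001, 100, 1, 100)
    return struct.pack(">II", 1, len(body)) + body
```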