Relay-Version: version B 2.10 5/3/83; site utzoo.UUCP
Path: utzoo!mnetor!seismo!rutgers!ucla-cs!tamir
From: tamir@CS.UCLA.EDU
Newsgroups: comp.unix.wizards
Subject: file protection with NFS
Message-ID: <5462@shemp.CS.UCLA.EDU>
Date: Wed, 8-Apr-87 23:31:56 EST
Article-I.D.: shemp.5462
Posted: Wed Apr  8 23:31:56 1987
Date-Received: Mon, 13-Apr-87 03:55:24 EST
Sender: root@CS.UCLA.EDU
Reply-To: tamir@CS.UCLA.EDU (Yuval Tamir)
Distribution: world
Organization: UCLA Computer Science Department
Lines: 14

It is well known that with the current NFS you must trust
the roots of all the machines to which you export file systems.
The reason is that the root on client machine can read/write/modify
any file not owned by root on the server (by using su to become
the user who is the owner of the file on the server).

I have heard that Sun is working on a solution to this problem.
Does anyone know how this solution will work ?
I don't see how you can solve this problem with a stateless server.

			   Yuval Tamir

Internet: tamir@cs.ucla.edu
    UUCP: ...!{ihnp4,ucbvax,sdcrdcf,trwspp,randvax,ism780}!ucla-cs!tamir