Relay-Version: version B 2.10 5/3/83; site utzoo.UUCP
Path: utzoo!mnetor!seismo!mcvax!ukc!warwick!rlvd!news
From: mike@louis.UUCP (Mike Woods)
Newsgroups: comp.unix.wizards
Subject: Re: file protection with NFS
Message-ID: <285@rlvd.UUCP>
Date: Tue, 21-Apr-87 14:03:29 EDT
Article-I.D.: rlvd.285
Posted: Tue Apr 21 14:03:29 1987
Date-Received: Sun, 26-Apr-87 04:14:22 EDT
References: <5462@shemp.CS.UCLA.EDU> <16425@sun.uucp>
Sender: news@rlvd.UUCP
Reply-To: mike@louis.UUCP (Mike Woods)
Organization: Rutherford Appleton Laboratory, Informatics Division, U.K.
Lines: 18

In article <16425@sun.uucp> marks%ferne@Sun.COM (Mark Stein) writes:
>Encrypted authentication information will be used in the RPCs for NFS
>requests.

Won't this have a significant impact on non-USA sites who don't have
(and can't get) the DES chips. I seem to remember that in the cited
paper there was a degradation figure of 20%! Will I be able to turn off
most of the encryption (our network is not being bugged by the commies!)
and still have a solution to the "su" security hole?

Mike Woods

PS - Can't the problem be solved by having uid/gid mapping between
machines (saves all those "find / -user x -exec /etc/chown y {} \;"
when you want to bring a new machine into the NFS fold too).

UK JANET:	mike@uk.ac.rl.vd
UUCP:		..!mcvax!ukc!rlvd!mike