Relay-Version: version B 2.10 5/3/83; site utzoo.UUCP
Path: utzoo!mnetor!uunet!ukma!eric
From: eric@ms.uky.edu (Eric Herrin)
Newsgroups: comp.sys.att,comp.unix.wizards
Subject: Root equivalence over RFS
Message-ID: <7211@e.ms.uky.edu>
Date: Thu, 3-Sep-87 18:57:51 EDT
Article-I.D.: e.7211
Posted: Thu Sep  3 18:57:51 1987
Date-Received: Sat, 5-Sep-87 12:02:37 EDT
Organization: U of Ky, Math. Sciences, Lexington KY
Lines: 27
Keywords: rfs, remote file sharing, SVR3.1
Xref: mnetor comp.sys.att:1128 comp.unix.wizards:4060

I have a rather unique(?) problem here running RFS over a STARLAN 
network of AT&T 3b2s.  Root cannot be equivalent over all the machines.
This tends to break many of the SUID root programs which use shared
files and directories, since root has no special access to things like a
user's directories which reside on other machines.  Limiting ROOT 
access to foreign machines is a nice security feature, mostly for sites
in which several groups of people own different sets of machines on
the network (ie. it is usually not desired for someone's workstation
to be equivalent).  I really don't care about such situations, simply
because they do not exist here.  I am the only System Admin. of the
RFS.

My solution was to hack the DU module so it allows root equivalence.
I am not sure if other people have experienced similar problems or even
if anyone else actually runs RFS.  If anyone has needed to allow root
equivalence, and has a better solution, I would love to hear about it.
Otherwise, I am willing to talk about my solution to any interested
parties.

			eric


|									      | 
|    Eric Herrin II				     	cbosgd!ukma!eric      |
|    "'tis better to be silent                         	eric@UKMA.BITNET      |
|     and be THOUGHT a fool, than to open              	eric@ms.uky.csnet     |
|     one's mouth and remove all doubt."                eric@ms.uky.edu       |