Xref: utzoo comp.protocols.nfs:207 comp.sys.ibm.pc:29303
Path: utzoo!attcan!uunet!lll-winken!ames!apple!bloom-beacon!athena.mit.edu!boomer
From: boomer@athena.mit.edu (Don Alvarez)
Newsgroups: comp.protocols.nfs,comp.sys.ibm.pc
Subject: Re: PCNFS and security
Message-ID: <11668@bloom-beacon.MIT.EDU>
Date: 25 May 89 15:45:08 GMT
References: <2373@daimi.dk>
Sender: daemon@bloom-beacon.MIT.EDU
Reply-To: boomer@space.mit.edu (Don Alvarez)
Organization: MIT Center for Space Research
Lines: 29

In article <2373@daimi.dk> poj@daimi.dk (Per Olsvig Jensen) writes:
>
>...it took me less than half an hour to locate the UserIds
>etc. in the memory of PC-NFS and set them as I liked. Once these
>Ids are set, nothing seems to prevent me from mounting another
>user's files on the SUN, writing to them or deleting them.
>
>...I can't see how using secure RPC will help as long
>the critical information for security check is stored very simply
>in the PC memory, and accessible to everyone.
>
>Am I wrong on this, or do you have any comments ?

Before you conclude that PC's are the problem, ask yourself "why is it
any harder to get a UNIX computer to commit the same security breaches
that you just committed with your PC?"

Hint: you just have to read a few more manuals and know how to get
root privileges on the machine.

Welcome to the wonderful world of NFS.

-Don Alvarez

--
+ -------------------------------------------------------------------------- +
|  Don Alvarez           M.I.T. Center For Space Research    (617) 253-7457  |
|  boomer@SPACE.MIT.EDU  Moving Soon: Princeton University Gravity Lab 8/89  |
+ -------------------------------------------------------------------------- +