Path: utzoo!utgpu!jarvis.csri.toronto.edu!rutgers!apple!oliveb!sun!cs
From: cs@Sun.COM (Carl Smith)
Newsgroups: comp.protocols.nfs
Subject: Re: PCNFS and security
Message-ID: <108142@sun.Eng.Sun.COM>
Date: 5 Jun 89 23:56:32 GMT
References: <183@mirsa.inria.fr> <11714@bloom-beacon.MIT.EDU>
Sender: news@sun.Eng.Sun.COM
Followup-To: comp.protocols.nfs
Organization: Sun Microsystems, Inc.
Lines: 14

> From: huitema@mirsa.inria.fr (Christian Huitema)
> Subject: Re: PCNFS and security
> 
> Obviously, the current NFS protocol is ``as insecure as possible'', 
> and until the Kerberos fixed are applied, security can only be achieved 
> by physical protection -- in short, use it in a physically controlled 
> small size local net, and trust all the users...

	I really wish that people knew the difference between protocols and
implementations.  For that matter, I wish they'd at least read the NFS protocol
and realize that it says nothing about security.  Security (and authentication)
should be left to the RPC layer.  That's part of its job.

			Carl