> Op 10 februari 2017 om 9:02 schreef Robert Sander <r.sander@xxxxxxxxxxxxxxxxxxx>: > > > On 09.02.2017 20:11, Jim Kilborn wrote: > > > I am trying to figure out how to allow my users to have sudo on their workstation, but not have that root access to the ceph kernel mounted volume. > > I do not think that CephFS is meant to be mounted on human users' > workstations. > True, but a root squash also prevents a attacker from accessing your whole CephFS filesystem when he gains root access on a machine/server. So a root squash is something you might want to do. Wido > Regards > -- > Robert Sander > Heinlein Support GmbH > Schwedter Str. 8/9b, 10119 Berlin > > http://www.heinlein-support.de > > Tel: 030 / 405051-43 > Fax: 030 / 405051-19 > > Zwangsangaben lt. §35a GmbHG: > HRB 93818 B / Amtsgericht Berlin-Charlottenburg, > Geschäftsführer: Peer Heinlein -- Sitz: Berlin > > _______________________________________________ > ceph-users mailing list > ceph-users@xxxxxxxxxxxxxx > http://lists.ceph.com/listinfo.cgi/ceph-users-ceph.com _______________________________________________ ceph-users mailing list ceph-users@xxxxxxxxxxxxxx http://lists.ceph.com/listinfo.cgi/ceph-users-ceph.com
 |