On Wed, 2009-08-26 at 19:31 -0300, Carlos André wrote:
> Wang,
>
> I know about "normal NFS" security issues... old times... "trust on
> host"... -_-'
> But I thought that this problem never happens using NFSv4+Kerberos5. In
> resume, it's more secure than only NFS (without Kerberos), but still
> has a lot of serious security problems...

This discussion keeps coming up, over and over again, because people keep
misunderstanding the Linux/*NIX security model.

The real issue is that a user with root privileges has a million ways of
sniffing your passwords (e.g. as you type them in), reading your cached
data (e.g. /dev/kmem), or hijacking your processes (e.g. a /bin/ls
trojan). There is _nothing_ NFS can do to protect you against a
compromised root account. Schemes like David Howells' keyrings can help
against one or two of these attacks, but cannot eliminate them all.

IOW: The problem isn't NFS. The exact same attacks can be used against
ssh, cifs, and all the other 'secure' protocols. All Krb5 does is to
make you safe against unprivileged users impersonating you, and to make
you safe against network packet sniffing and spoofing.

Trond