SUMMARY Part III: Mounting NFS file systems r/w

From: Leo Crombach (lcrombach@tropel.com)
Date: Thu Oct 23 1997 - 11:31:10 CDT


Sun Managers:

First, let me apologize for consuming list resources with yet another
summary to my original posting. However, I have been inundated with
responses expounding on the dangers/security risks of using anon=0 in
/etc/dfs/dfstab to share file systems.

Essentially, root accesses over NFS are re-mapped to user "nobody" to
prevent unauthorized access to the server. To enable root to have "root"
access over NFS file systems it must be shared appropriately from the server.

Example: share -F nfs -o root=<client> /<shared resource>

This still presents a security risk but is less hazardous than anon=0 which
allows any client root access to the shared resource.

Also, allow me to apologize for not doing a more thorough job of reading the
Answerbook as this information is in there and in the man pages.
Unfortunately, I was in a hurry to get two Ultras up and running and
configured to run Pro/E for two new hires which were anxiously waiting for
their workstations.

Thanks again to all the respondents.

****************************************************************

Leo Crombach Phone: (716) 388-3566
System/Network Administrator Email: lcrombach@tropel.com
Tropel Corporation URL: http://www.tropel.com
60 O'Connor Road
Fairport, New York 14450

****************************************************************



This archive was generated by hypermail 2.1.2 : Fri Sep 28 2001 - 23:12:06 CDT