RH Taroon Beta Open Ports

Paul Jakma paul at dishone.st
Tue Aug 26 03:24:35 UTC 2003


On Mon, 25 Aug 2003, Felipe Alfaro Solana wrote:

> favor. NFS is not very secure by nature (except NFSv4).

hmm... just to but in, but the above is a common myth:

- whatever security problems NFS has, they are /not/ the fault of the
NFS

- connection authorisation/transport security are /not/ within the 
remit of NFS, it is the /RPC/ layer which is responsible.

- NFSv4 is /not/ more secure than NFSv3. However, NFSv4 makes secure 
RPC mechanisms mandatory. NB: NFSv3 will (should) be able to avail of 
this too.

anyway, blame RPC and the lack of secure RPC mechs in glibc/linux - 
not NFS, if authunix is the only mech available, then authunix is 
all NFS can make use of.

regards,
-- 
Paul Jakma	paul at clubi.ie	paul at jakma.org	Key ID: 64A2FF6A
	warning: do not ever send email to spam at dishone.st
Fortune:
There's no easy quick way out, we're gonna have to live through our
whole lives, win, lose, or draw.
		-- Walt Kelly





More information about the devel mailing list