[linux] Re: Root pristup cez NFS
Juraj Variny
jv99737 na decef.elf.stuba.sk
Čtvrtek Září 30 16:52:31 CEST 2004
Chova sa to rovnako ci dam root_squash, no_root_squash alebo nic. Az ked som
skusil nainstalovat nfsserver na masinu kde nie je grsecurity tak to chodilo
tak ako som cakal. Cize som to nakoniec vsetko vyriesil inac (dal sa pouzit
rsyncd).
Ale: Vie niekto o schopnej dokumentacii pre grsecurity? Na grsecurity.net su
nejake "papers", ale pod dokumentaciou si predstavujem nieco ine. A zmienku o
NFS som tam tiez nenasiel.
Na dovazok archivy mailing listu/forum grsec zrejme nie su prehladavatelne,
ani cez gg... Tomu sa teda hovori bezpecnost...
Juraj
On Wednesday 29 September 2004 10:06, Ferenci Daniel wrote:
> Juraj Variny wrote:
> >Ja mam v exports(5) napisane toto:
> >
> >root_squash
> >Map requests from uid/gid 0 to the anonymous uid/gid. Note that this does
> > not apply to any other uids that might be equally sensitive, such as user
> > bin.
> >
> >no_root_squash
> >Turn off root squashing. This option is mainly useful for diskless
> > clients.
> >
> >Z toho som usudil ze s no_root_squash by som mal mat pristup vsade.
> >
> >Juraj
>
> Ja som to vygooglil.
> V kazdom pripade neskusil si to vymenit (pripadne v exports nic o squash
> neuviest)?
>
> Dafe.
>
> >>no_root_squash znamena:
> >>*no_root_squash - *NFS exports directories with root_squash turned on.
> >>This means that root on the client machine will be mapped to the
> >>anonymous UID
> >>
> >>Nie je nahodou toto problem?
> >>
> >>Dafe.
> >
> >_______________________________________________
> >http://lists.linux.sk/listinfo/linux
> >Prehladavanie archivu: http://search.lists.linux.sk
> >Meta FAQ: http://faq.lists.linux.sk
>
> _______________________________________________
> http://lists.linux.sk/listinfo/linux
> Prehladavanie archivu: http://search.lists.linux.sk
> Meta FAQ: http://faq.lists.linux.sk
Další informace o konferenci linux