[63] in linux-security and linux-alert archive
Re: Safe NFS outline
daemon@ATHENA.MIT.EDU (Raul Miller)
Wed Mar 8 12:11:32 1995
Date: Wed, 8 Mar 95 11:28 EST
From: rdr@legislate.com (Raul Miller)
To: linux-security@tarsier.cv.nrao.edu
In-reply-to: <199503081449.PAA01075@mvmampc66.ciw.uni-karlsruhe.de> (Thomas.Koenig@ciw.uni-karlsruhe.de)
Reply-To: linux-security@tarsier.cv.nrao.edu
Hmm...
(1) say something about the life time of a pass-key (e.g. up to an
hour, or the drop of a hat -- whichever comes first). With a modicum
of network security, you should only need pass-keys for the mount
points. You'll need a challenge/response mechanism in the secure nfs
clients anyways..
(2) make the maximum number of simultaneous pass-keys for file system
configurable by the nfs administrator. That's more of a local policy
issue than a communications standard.
--
Raul Deluth Miller <moth@firefly.com> <rockwell@nova.umd.edu>
<rockwell@nova.umuc.edu> <rdr@legislate.com> <rdr@gopher.legislate.com>
<rdr@home.merit.edu> <rdr@tad.micro.umn.edu>
