[99] in WWW Security List Archive
Re: GSS API (as a DLL)...
daemon@ATHENA.MIT.EDU (Marc Horowitz)
Mon Aug 22 15:44:29 1994
To: rosenthl@mcc.com (Doug Rosenthal)
Cc: www-security@ns1.rutgers.edu
In-Reply-To: Your message of "Mon, 22 Aug 1994 09:44:01 CDT."
<9408221444.AA03099@krypton.mcc.com>
Date: Mon, 22 Aug 1994 11:39:20 -0400
From: Marc Horowitz <marc@cam.ov.com>
>> What about NFS, LANs, etc.?
What about them? Don't trust your NFS server (mount nosuid), and
don't pass passwords in cleartext over the net. Both are easy, and
both are implemented at any site which cares about security.
If you are an NFS server, then you are SOL. Didn't you know NFS
stands for No File Security? We use AFS here.
Marc
