NFS security

MFHorn arosen at eagle.ulowell.edu
Mon Aug 15 05:35:46 AEST 1988


>From article <23289 at labrea.Stanford.EDU>, by karish at denali.stanford.edu
	(Chuck Karish):
> In article <126 at leibniz.UUCP> tpc at leibniz.UUCP (Tom Chmara) writes:
>>I have
>>been informed that NFS is NOT particularly secure; i.e. "root"
>>on one machine can wreak havoc on another

An NFS server maps uid 0 from incoming RPC requests to 'nobody', which
is configured into the kernel.  If 'nobody' is set to 0, then anyone
with root access on another machine can get it on yours.  The default
setting for nobody is (in most implementaions) -2.

Also, if you don't export any filesystmes to a particular host, that
host can do nothing to your host even if nobody is set to 0.  [NFS
under Ultrix maps nobody per exported filesystem.]

> Some implementations of NFS assume that user ID numbers are congruent
> on server and client.  This means that a bad guy can empower a
> Trojan horse on the remotely-mounted filesystem, then use it from
> the server machine to get privileged access.

If root access is refused (see above), then the bad guy won't be able
to create a set-uid root file on the server.

> Do current versions of NFS provide a way for managers to control mapping
> of user ID's?

The kernel can only map uid 0.  Yellow Pages, a service provided with
NFS, helps managers maintain a network-wide password file.

Andy Rosen           | arosen at hawk.ulowell.edu | "I got this guitar and I
ULowell, Box #3031   | ulowell!arosen          |  learned how to make it
Lowell, Ma 01854     |                         |  talk" -Thunder Road
                   RD in '88 - The way it should be



More information about the Comp.unix.wizards mailing list