Re: Reading .passwd from NFS vol

Subject: Re: Reading .passwd from NFS vol
From: Jerry_Normandin@brown.edu
Date: Thu Mar 09 2000 - 15:35:47 EST

• Next message: clark: "another newbie question"
• Previous message: Marcus Radich: "Re: asun2.1.4 release?"
• In reply to: Thierry Michalowski: "Re: Reading .passwd from NFS vol"
• Next in thread: andrew morgan: "Re: Reading .passwd from NFS vol"
• Reply: Jerry_Normandin@brown.edu: "Re: Reading .passwd from NFS vol"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This is really insecure.

I'd recommend using a solution like NIS or DCE to authenticate.
I'm working on a DCE/LDAP solution for this (Home project to
contribute to Linux)

On 09-Mar-00 Thierry Michalowski wrote:
> Hi,
> looks like you're running afpd as root (which I assume is the only current
> option) and that your root-id process is smashed onto the exporting box to
> "nobody".
> What you need to add as an option to your export is "root=lx0" (or equivalent
> for your flavor of unix).
> Be aware that this way your system's security is getting worse as anyone root
> on lx1 is also root in a short time on lx0 without much of an effort.
> Hope this helps
> Thierry Michalowski
>
> Peter Gutowski wrote:
>
>> I'm admittedly a NFS newbie, have managed to make it work for the first time
>> in a Long Time yesterday. From one computer (RedHat Linux 6.1, hostname:
>> lx0) I mounted "/home/users" from similar system (hostname: lx1). Both
>> machines have similarly configured Netatalk (1.4b2+asun2.1.4 pre37 I think).
> This [shared[ directory contains users home directories. I have no trouble
> logging on with telnet and seeing the identical contents on both machines.
>>
>> However when I log onto lx0 thru the Chooser using AppleShare I get the
>> following message. (Logging onto lx1 behaves normally)
>>
>> Mar 9 10:43:32 lx0 afpd[4877]: ASIP session:548(1) from
>> 192.168.2.149:2063(3)
>> Mar 9 10:43:32 lx0 afpd[4877]: randnum/rand2num login: peterg
>> Mar 9 10:43:32 lx0 afpd[4877]: Failed to read from
>> /home/users/peterg/.passwd
>>
>> The /etc/exports on lx1 reads:
>>
>> /home/users 192.168.2.0/255.255.255.0(rw)
>>
>> The man page for exports lists a bunch of other options that I am clearly
>> not getting a full appreciation of. Has anybody else experienced this and
>> knows a solution, i.e., to make the shared directory work "normally"?
>>
>> --
>> Peter Gutowski
>>
>> peterg@powervue.com • http://www.powervue.com/~peterg

----------------------------------
E-Mail: Jerry_Normandin@brown.edu
Date: 09-Mar-00
Time: 15:33:04
----------------------------------

• Next message: clark: "another newbie question"
• Previous message: Marcus Radich: "Re: asun2.1.4 release?"
• In reply to: Thierry Michalowski: "Re: Reading .passwd from NFS vol"
• Next in thread: andrew morgan: "Re: Reading .passwd from NFS vol"
• Reply: Jerry_Normandin@brown.edu: "Re: Reading .passwd from NFS vol"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b28 : Wed Jan 17 2001 - 14:30:14 EST