
Re: IPSEC and NFS



> I'm particularly concerned about things like PCs participating in
>   NFS services, in which it's sooooo easy for the client to "cheat"
>   in the sense of claiming a uid/gid that it has no "right" to.
>   I'm afraid that your analysis of NFS requiring major restructuring
>   to protect against this is correct.  Secure RPC doesn't appear to
>   be a reasonable fix for this either.  Sigh.

This is why Mike & friends are using the GSSAPI and friends to solve this
problem.  On the other hand...

> If I restrict an NFS server to only allowing SAs with hosts it knows "play
> by the rules"--in that user processes cannot fake legitimate NFS protocol
> (because they can't get a privileged port), then host-to-host IPSEC works.
> What a marvellous world it would be if I could always make that
> assumption...

Yes, IPsec would help here immensely.

The thing to remember is what granularity do you want?  IPsec does
session-by-session granularity (e.g. TCP connection, or UDP session).  NFS
requires even finer granularity than per-session.

Dan
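
The granularity point above, as an added example that is not part of the original message: each ONC RPC call (RFC 5531) carries its own AUTH_SYS credential, so a server reading calls off a single protected host-to-host flow still sees a client-asserted uid/gid per request. The helper names, the host name and the sample calls are constructed for illustration.

```python
import struct

AUTH_SYS = 1  # RFC 5531 auth flavor number (also known as AUTH_UNIX)

def xdr_string(s: bytes) -> bytes:
    """XDR string: 4-byte length, data, zero padding to a multiple of 4."""
    return struct.pack(">I", len(s)) + s + b"\0" * (-len(s) % 4)

def build_call(xid, uid, gid, gids, host=b"client.example"):
    """Constructed sample: an NFSv3 (program 100003) NULL call using AUTH_SYS."""
    cred = struct.pack(">I", 0) + xdr_string(host)  # stamp, machinename
    cred += struct.pack(">III", uid, gid, len(gids)) + struct.pack(f">{len(gids)}I", *gids)
    head = struct.pack(">6I", xid, 0, 2, 100003, 3, 0)  # xid, CALL, rpcvers, prog, vers, proc
    return head + struct.pack(">II", AUTH_SYS, len(cred)) + cred + struct.pack(">II", 0, 0)

def parse_auth_sys(msg: bytes):
    """Return the identity asserted in one RPC call, or None if not AUTH_SYS."""
    if len(msg) < 32:
        raise ValueError("short RPC header")
    xid, mtype, rpcvers, _prog, _vers, _proc, flavor, clen = struct.unpack_from(">8I", msg, 0)
    if mtype != 0 or rpcvers != 2:
        raise ValueError("not an ONC RPC v2 call")
    if flavor != AUTH_SYS:
        return None
    body = msg[32:32 + clen]
    if clen > 400 or len(body) != clen:  # opaque_auth bodies are capped at 400 bytes
        raise ValueError("bad credential length")
    try:
        _stamp, nlen = struct.unpack_from(">II", body, 0)
        if nlen > 255:  # machinename limit in the AUTH_SYS definition
            raise ValueError("machinename too long")
        off = 8 + nlen + (-nlen % 4)
        uid, gid, ngids = struct.unpack_from(">III", body, off)
        if ngids > 16:  # AUTH_SYS allows at most 16 supplementary gids
            raise ValueError("too many gids")
        gids = list(struct.unpack_from(f">{ngids}I", body, off + 12))
    except struct.error as exc:
        raise ValueError("truncated AUTH_SYS body") from exc
    host = body[8:8 + nlen].decode("ascii", "replace")
    return {"xid": xid, "host": host, "uid": uid, "gid": gid, "gids": gids}

def uids_on_one_flow(calls):
    """Identities seen across calls that all arrived over the same host-to-host flow."""
    return [parse_auth_sys(c)["uid"] for c in calls]
```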

