[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: IPSEC and NFS
> I'm particularly concerned about things like PCs participating in
> NFS services, in which it's sooooo easy for the client to "cheat"
> in the sense of claiming a uid/gid that it has no "right" to.
> I'm afraid that your analysis of NFS requiring major restructuring
> to protect agaist this is correct. Secure RPC doesn't appear to
> be a reasonable fix for this either. Sigh.
This is why Mike & friends are using the GSSAPI and friends to solve this
problem. On the other hand...
> If I restrict an NFS server to only allowing SAs with hosts it knows "play
> by the rules"--in that user processes cannot fake legitimate NFS protocol
> (because they can't get a privileged port), then host-to-host IPSEC works.
> What a marvellous world it would be if I could always make that
> assumption...
Yes, IPsec would help here immensely.
The thing to remember is what granularity do you want? IPsec does
session-by-session granularity (e.g. TCP connection, or UDP session). NFS
requires even finer granularity than per-session.
Dan
References: