Host based authentication
Steve Gaarder
gaarder at math.cornell.edu
Fri Apr 20 11:05:38 EDT 2007
On Thu, 19 Apr 2007, Brent Callaghan wrote:
>
> Yes, stronger host-based security would be useful and might avoid some
> of the overhead in administering Kerberos.
>
> But the most common complaint about NFS security relates to home
> directories,
> and host-based security does nothing to prevent one student messing
> with another student's (or staff member's) home directory via the "su"
> command.
A very useful adjunct to better auth-sys security would be a way to squash
all users on a given machine to nobody except for one (or a few) selected
users. I'd like to have it even with current auth-sys.
Steve Gaarder
System Administrator, Dept of Mathematics
Cornell University, Ithaca, NY, USA
gaarder at math.cornell.edu
More information about the NFSv4
mailing list