frank@hpuxa.ircc.ohio-state.EDU (Frank G. Fiamingo) (12/20/89)
I've just installed NFS on a 9000/840 running HP-UX 3.11. Some users have now asked if they can mount their personal directories from the 840 on their office workstations. These workstations may be Suns or HPs, etc., also running NFS. For this to be successful we need to insure that they have full access to their own files, but not be able to acquire any special access to other files that may be exported along with theirs. Unfortunately HPs version of NFS requires that you export an entire file system, which is most likely going to include more than one users files. To start we need to match UIDs on the two systems and mount the directory read/write. This should accomplish the first objective: allowing the user full access to his/her own files. I'm at a loss, though, as to how to accomplish the second objective: preventing unwanted access and maintaining security for other files that might have to be exported along with his own. e.g. if he has root priviledges on his own workstation he could easily set-up UIDs to gain read/write access to files that might be denied him otherwise. Also, there might be other users on his system that have UIDs that unintentionaly match those on the HP. So my questions are 1) does anyone know a way to accomplish these objectives? and 2) are there any other concerns I need to consider before we try to offer this service? Thanks for your help, Frank Fiamingo frank@hpuxa.ircc.ohio-state.edu