cudcv@warwick.ac.uk (Rob McMahon) (08/26/89)
Are there any plans to make PC-NFS at least moderately secure ? I have had my fears about it, and an article here not long ago confirmed that the uid & gid are kept unencrypted and alterable on the PC, so that anyone using PC-NFS can trivially pretend to be any usercode he feels like by poking these values. Clearly this is unacceptable for use on any but very trusted PCs. We are looking for a network file system for use on PCs in public work areas, ideally NFS since that is what we use on the Unix mainframes. Does anyone know if Novell is any better, I hear it is available, or will be available, for Unix. Where does Kerberos fit into the picture ? Thanks, Rob -- UUCP: ...!mcvax!ukc!warwick!cudcv PHONE: +44 203 523037 JANET: cudcv@uk.ac.warwick ARPA: cudcv@warwick.ac.uk Rob McMahon, Computing Services, Warwick University, Coventry CV4 7AL, England
liam@cs.qmc.ac.uk (William Roberts) (09/01/89)
In article <188@titania.warwick.ac.uk> cudcv@warwick.ac.uk (Rob McMahon) writes: >Are there any plans to make PC-NFS at least moderately secure ? I have had my >fears about it, and an article here not long ago confirmed that the uid & gid >are kept unencrypted and alterable on the PC, so that anyone using PC-NFS can >trivially pretend to be any usercode he feels like by poking these values. What did I say? In NFS "the server trusts the clients", and it is deeply unwise to entrust user authentication to a machine whose OS (MacOS, MS-DOS) doesn't have any notion of user. >Where does Kerberos fit into the picture ? Kerberos provides a trusted third party (the authentication server) which produces unforgeable, testable proof-of-identity tokens that can be quoted by the client and checked by the server (if it desires). This uses a form of public key encryption and allows the clients to check the identity of the servers. It reduces the trust element to something approaching a minimum, namely; 1) Is the authentication server trusted (Yes, lock it in very safe place with no other software besides the authentication code). 2) Is the machine through which I obtain my token actually stealing my password as I type it in? 3) Is the machine I'm using continuing to quote my token after I've left (and before it expires)? 2 & 3 have some obvious physical approaches involving all the usual military nonsense of fingerprints, sealed modules etc. -- William Roberts ARPA: liam@cs.qmc.ac.uk Queen Mary College UUCP: liam@qmc-cs.UUCP AppleLink: UK0087 190 Mile End Road Tel: 01-975 5250 LONDON, E1 4NS, UK Fax: 01-980 6533