Re: NIS with local root
From: Charles Clancy <security(at)xauth.net>
Date: Thu Jan 30 2003 - 17:31:13 EST

On Thu, 30 Jan 2003, Kevin Jackson wrote:

> but surely in such a situation where NIS and NFS is employed -- you

The usual problem is when users have their own machines and want access to the NFS network. They don't want to give up root on their own machines.

> I know sometimes it can't be avoided in some situations -- if that's the

NIS+ is not much more secure than NIS if you have root. In all the installations I've seen, the only difference is that the NIS+ client won't let normal users see the encrypted passwords (from "niscat passwd.org_dir"). Plus, NIS+ support for Linux isn't entirely complete.

The real solution is to get rid of NIS and NFS, and replace them with AFS, LDAP, and Kerberos. AFS does file access control at a user level, rather than a host level. That means local root can't get access to your files[1] -- only AFS admin can do that. The LDAP/Kerberos option means no more unshadowed passwords floating around the network.

http://www.openafs.org
http://www.openldap.org
http://web.mit.edu/kerberos/www/

All are well supported under Linux (not to mention many other UNIXes, and even the ability to interact almost seamlessly with Microsoft ADS).

--

[1] Well, he can try to steal your Kerberos credentials if you're logged in to the machine, but he can't just "su".

[ t charles clancy ]--[ tclancy@uiuc.edu ]--[ www.uiuc.edu/~tclancy ]

Received on Thu Jan 30 18:15:33 2003

This archive was generated by hypermail 2.1.8 : Wed Aug 23 2006 - 14:01:19 EDT
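The message above makes the point that a plain NIS passwd map hands unshadowed password hashes to every host and user on the network. The following is an added audit example, not code from the thread or from any of the projects mentioned: it parses passwd(5)-style lines of the kind `ypcat passwd` would return and reports which accounts actually expose a hash. The sample map is constructed for the example (the hash strings are made-up values in the right format, not real credentials), and the function names are the example's own.

```python
import re

# Constructed sample of a NIS passwd map as any client could read it with
# `ypcat passwd`. Field 2 is the crypt(3) hash. Hash strings are made up.
SAMPLE_PASSWD_MAP = """\
root:x:0:0:root:/root:/bin/bash
alice:ab7RwmwpnIEK6:1001:100:Alice Example:/home/alice:/bin/bash
bob:$1$saltsalt$aaaaaaaaaaaaaaaaaaaaaa:1002:100:Bob Example:/home/bob:/bin/tcsh
carol:*:1003:100:Disabled Account:/home/carol:/bin/false
eve::1005:100:No Password:/home/eve:/bin/sh
"""

# Field-2 values that carry no recoverable secret: shadowed ("x"), locked or
# disabled markers, and the Solaris "NP" / "*LK*" conventions.
_SHADOWED = {"x", "*", "!", "!!", "NP", "*LK*"}

# Traditional DES crypt: 13 characters from the crypt alphabet.
_DES_CRYPT = re.compile(r"^[./0-9A-Za-z]{13}$")
# Modular crypt format: $id$salt$hash (e.g. $1$ MD5, $5$/$6$ SHA-2, $2b$ bcrypt).
_MODULAR_CRYPT = re.compile(r"^\$([0-9a-z]+)\$")


def classify_hash_field(field):
    """Describe what the second passwd field exposes to whoever can read it."""
    if field == "":
        return "empty (no password required)"
    if field in _SHADOWED:
        return "shadowed"
    if _DES_CRYPT.match(field):
        return "exposed (traditional DES crypt)"
    m = _MODULAR_CRYPT.match(field)
    if m:
        return "exposed (modular crypt, id $%s$)" % m.group(1)
    return "exposed (unknown format)"


def audit_passwd_map(text):
    """Return (user, uid, label) for every entry that is not properly shadowed.

    Malformed lines are reported too, since a map that does not parse as
    seven colon-separated fields is itself worth a look.
    """
    findings = []
    for lineno, line in enumerate(text.splitlines(), 1):
        if not line.strip() or line.startswith("#"):
            continue
        parts = line.split(":")
        if len(parts) != 7:
            findings.append(("<malformed>", None,
                             "line %d has %d fields, expected 7" % (lineno, len(parts))))
            continue
        user, pw, uid = parts[0], parts[1], parts[2]
        label = classify_hash_field(pw)
        if label != "shadowed":
            findings.append((user, int(uid), label))
    return findings


if __name__ == "__main__":
    for user, uid, label in audit_passwd_map(SAMPLE_PASSWD_MAP):
        print("%-10s uid=%-6s %s" % (user, uid, label))
```

On a real network the input would be the output of `ypcat passwd` piped into this script; a clean result is an empty list, meaning the map carries only placeholder fields and the hashes live somewhere access-controlled (a shadow map, NIS+ credentials, or, as the message suggests, a Kerberos KDC).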