> >We have a few linux systems running redhat 5.2 in a
> >net composed also of SGI and SUN workstation. The linux
> >boxes export their files to every machines on the net.
> >When working on a remote system, a normal user has created
> >a few times files or directories owned by root (this
> >user does not know the super user password) on the
> >filesystems managed by linux.
> >I have no idea why this is happening and how this
> >can be fixed. Is it linked to the way I export
> >the filesystems? I don't think this has
> >happened when working locally on the linux box. Any idea?
> >Sent via Deja.com http://www.deja.com/
> >Share what you know. Learn what you don't.
> Several issues here.
> 1: The directories being compromised may have group write permissions,
> group 'root' (or 'wheel').
If it was the case, the problem would happen locally AND vis NFS access.
It is not the case (the problem happens only via
NFS access) and the directories don't have such group permissions.
Quote:> 2. Check to ensure that all entries in /etc/exports do NOT have
> no_root_squash set! (The default is to squash root into nobody;
> this means that if a box were compromised, other boxes remotely
> mounted via NFS won't be as badly affected.)
This is useful for security purposes but the case I am reporting
does not fall in this category. The user in question is an average
user, well-intentioned, trying to do his work with the minimum of
trouble. I suspect more a bug with NFS. Maybe I don't know where to
look but all the nfs-server RPM packages I can find are Beta version
(2.2beta). Can anybody suggest a place where I can find a non-beta
version or why are they all Beta?
Sent via Deja.com http://www.deja.com/
Share what you know. Learn what you don't.