fai-setup: (1) all_squash,anonuid=500,anongid=500 (2) exportfs -r
Shaul Karl
shaulk at 013.net
Fri Dec 24 19:39:27 CET 2004
On Fri, Dec 24, 2004 at 09:42:36AM -0500, malk at sidehack.sat.gweep.net wrote:
> Forgive me if I'm stating the obvious, but doesn't exporting it read-only
> solve all the problems? Even if no_root_squash is set (which is desirable
> on nfsroot), no one can do anything to the filesystem remotely since it's
> read only.
>
If (and I am not sure if this is the case) installations will work with
all_squash,anonuid=`id -u fai`,anongid=`id -g fai`
then why not use it? Why allow root privileges on the server when
it is not absolutely necessary? The fact that you mount it ro is one
attempt to minimize the damage if something bad happens. Why not
squash to a single (uid,gid) pair just to be on the safe side? Even
though the filesystem is ro, the combination of root privileges and an
unknown exploit can be harmful. Isn't `opening only the minimal
necessary holes' one of the principles of security?
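
Added example, not part of the original post: a small Python audit of exports(5)-style lines that reports which identity a remote root ends up with under the options discussed in this thread. The export paths, network and client name are constructed; 500:500 is taken from the subject line, and 65534 is assumed as the default anonymous id.

```python
# Added example: report the identity mapping each client of an export gets.
SAMPLE_EXPORTS = """\
# constructed sample: nfsroot with remote root preserved, read-only
/srv/fai/nfsroot      192.168.1.0/24(ro,async,no_root_squash)
# constructed sample: every caller mapped to a single (uid,gid) pair
/srv/fai/nfsroot-sq   192.168.1.0/24(ro,async,all_squash,anonuid=500,anongid=500)
# no options given: defaults apply (ro, root_squash)
/srv/fai/config       installclient
"""

def parse_exports(text):
    """Yield (path, client, [options]); quoted paths and continuations unsupported."""
    for raw in text.splitlines():
        fields = raw.split("#", 1)[0].split()
        for token in fields[1:]:
            client, _, opts = token.partition("(")
            yield fields[0], client or "*", [o for o in opts.rstrip(")").split(",") if o]

def effective(options):
    """Apply options left to right on top of the defaults (later options win)."""
    eff = {"rw": False, "root_squash": True, "all_squash": False,
           "anonuid": 65534, "anongid": 65534}  # 65534: assumed default anon id
    for opt in options:
        key, _, val = opt.partition("=")
        base = key[3:] if key.startswith("no_") else key
        if key in ("anonuid", "anongid"):
            eff[key] = int(val)
        elif key in ("ro", "rw"):
            eff["rw"] = key == "rw"
        elif base in ("root_squash", "all_squash"):
            eff[base] = base == key  # the "no_" form switches the flag off
    return eff

def audit(text):
    """Return (path, client, mapping, access) rows; mapping says what root becomes."""
    rows = []
    for path, client, options in parse_exports(text):
        eff = effective(options)
        if eff["all_squash"]:  # all_squash maps every caller, root included
            mapping = "all->%d:%d" % (eff["anonuid"], eff["anongid"])
        elif eff["root_squash"]:
            mapping = "root->%d:%d" % (eff["anonuid"], eff["anongid"])
        else:
            mapping = "root-kept"
        rows.append((path, client, mapping, "rw" if eff["rw"] else "ro"))
    return rows

if __name__ == "__main__":
    for row in audit(SAMPLE_EXPORTS):
        print("%-20s %-16s %-18s %s" % row)
```

Rows reported as root-kept are the exports where read-only is the only barrier; after editing the real file, exportfs -r (from the subject line) re-exports it.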