LinuxQuestions.org
Go Job Hunting at the LQ Job Marketplace
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices

Reply
 
Search this Thread
Old 09-28-2010, 07:29 AM   #1
sulekha
Member
 
Registered: Dec 2004
Location: India
Distribution: ubuntu 10.04 , centos 5.5 , Debian lenny, Freenas
Posts: 324

Rep: Reputation: 36
Question why samba is preferred over NFS ?


Hi all,

The example situation which I know is it is dangerous to allow users to perform NFS mounts of corporate File systems from their personal laptops, however we can safely use CIFS to give these laptops access to their owners home directories. (NFS security is based on the idea that user has no root access on the client and that there are matching UIDS on the client and server , i.e not normally the case for self managed machines.)


can any one giveany other example(s) situation(s) where samba is preferred over NFS ?
 
Old 09-28-2010, 09:47 AM   #2
MensaWater
Guru
 
Registered: May 2005
Location: Atlanta Georgia USA
Distribution: Redhat (RHEL), CentOS, Fedora, Debian, FreeBSD, HP-UX, Solaris, SCO
Posts: 5,943
Blog Entries: 5

Rep: Reputation: 753Reputation: 753Reputation: 753Reputation: 753Reputation: 753Reputation: 753Reputation: 753
This is bogus information. NFS security is NOT based on the idea that user has no root access on the client. You can set the export to specifically disallow access by root.

NFS has gone through various versions each more secure than the last. While it may be true that the very first version of NFS had very low security it isn't true of the latest one.

Personally I only use Samba/CIFS when I need to share filesystems between a UNIX/Linux system and a Windows system and that is only because it is usually faster for me to get Samba going on UNIX/Linux than it is to get NFS going on Windows.
 
Old 09-28-2010, 10:49 AM   #3
HasC
Member
 
Registered: Oct 2009
Location: South America - Paraguay
Distribution: Debian 5 - Slackware 13.1 - Arch - Some others linuxes/*BSDs through KVM and Xen
Posts: 329

Rep: Reputation: 55
I think the simplest answer is: "because Windows uses SMB/CIFS". And the other OSes must cope with that.
 
Old 09-28-2010, 11:23 PM   #4
sulekha
Member
 
Registered: Dec 2004
Location: India
Distribution: ubuntu 10.04 , centos 5.5 , Debian lenny, Freenas
Posts: 324

Original Poster
Rep: Reputation: 36
Question

Quote:
Originally Posted by MensaWater View Post
This is bogus information. NFS security is NOT based on the idea that user has no root access on the client. You can set the export to specifically disallow access by root.

NFS has gone through various versions each more secure than the last. While it may be true that the very first version of NFS had very low security it isn't true of the latest one.

Personally I only use Samba/CIFS when I need to share file systems between a UNIX/Linux system and a Windows system and that is only because it is usually faster for me to get Samba going on UNIX/Linux than it is to get NFS going on Windows.
I don't think it is a bogus information

because this info is given in the book "Unix and Linux system administration Handbook" 4th edition by Evi nemeth et al page no: 1149
 
1 members found this post helpful.
Old 09-29-2010, 03:38 AM   #5
acid_kewpie
Moderator
 
Registered: Jun 2001
Location: UK
Distribution: Gentoo, RHEL, Fedora, Centos
Posts: 43,373

Rep: Reputation: 1962Reputation: 1962Reputation: 1962Reputation: 1962Reputation: 1962Reputation: 1962Reputation: 1962Reputation: 1962Reputation: 1962Reputation: 1962Reputation: 1962
Well if you think it or not, it is not true. It is based on a variety of principles, but here given an appropriate server side configuration, the client user can root access on the client machine and it won't have any impact on the server side configuration, due to root_squash options. it's a very simple model, which is based around UID's and GID's and open to abuse in a non integrated environment, however when additional services, like central user information and authentication, then it fits in well as part of a jigsaw. It's not massively secure, no, but you are wrong in thinking that it assumes things about the clients configuration in the way you suggest.
 
1 members found this post helpful.
  


Reply

Tags
file sharing, nfs, samba, security


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
NFS v SAMBA madivad Solaris / OpenSolaris 2 03-29-2008 07:08 AM
NFS vs Samba Reefcrazed Linux - Networking 5 08-24-2004 02:50 PM
NFS vs Samba rshooper Linux - Networking 7 08-18-2004 12:21 AM
Samba or NFS which is better? gnu noob Linux - Software 8 05-18-2004 02:07 PM
NFS and or Samba linuxnube Linux - Networking 7 01-18-2004 06:18 AM


All times are GMT -5. The time now is 06:32 PM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration