LinuxQuestions.org
Register a domain and help support LQ
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Software
User Name
Password
Linux - Software This forum is for Software issues.
Having a problem installing a new program? Want to know which application is best for the job? Post your question in this forum.

Notices

Reply
 
Search this Thread
Old 11-25-2006, 05:27 PM   #1
jerril
Member
 
Registered: Nov 2005
Location: Ontario, Canada
Distribution: Ubuntu
Posts: 114

Rep: Reputation: 15
SSHFS Drawbacks


Hi Everybody

I've been investigating file sharing alternatives. Right now, the most likely alternative for me, is SSHFS. I was googling around on the subject, and I found this excellent overview on alternatives available from the MEPIS Documentation Wiki.

One of the cons here is:
Quote:
Hard to control what user has access to; anything they can access locally is available over the network.
I'm not sure I understand what this means. Maybe I'm missing something obvious.

Thanks

jer
 
Old 11-26-2006, 10:06 AM   #2
Brian1
Guru
 
Registered: Jan 2003
Location: Seymour, Indiana
Distribution: Distribution: RHEL 5 with Pieces of this and that. Kernel 2.6.23.1, KDE 3.5.8 and KDE 4.0 beta, Plu
Posts: 5,700

Rep: Reputation: 61
Never used it but I would interrept this way. Once the sshfs is mounted then it is possible all usesr can see the share and it could be possible for other users on the linux machine to read and write to it.

Brian
 
Old 11-26-2006, 03:59 PM   #3
jerril
Member
 
Registered: Nov 2005
Location: Ontario, Canada
Distribution: Ubuntu
Posts: 114

Original Poster
Rep: Reputation: 15
Test

I tried to ls my shared directory as another user:

Code:
jer@client_machine:~$ sshfs jer@server_machine:/home/jer/ ~/share
jer@server_machine's password: 
jer@client_machine:~$ ls share
archive  Diagram1.dia.autosave  iPodderData      sandbox
backup   downloads              max              stuff
bin      Firefox_wallpaper.png  meep             websites
Desktop  GNUstep                PicasaDocuments  work
jer@client_machine:~$ su stompie
Password: 
stompie@client_machine:/home/jer$ ls share
ls: share: Permission denied
It seems to pass this simple test.

Thanks
jer

Last edited by jerril; 11-26-2006 at 04:10 PM.
 
Old 11-26-2006, 04:42 PM   #4
unSpawn
Moderator
 
Registered: May 2001
Posts: 26,994
Blog Entries: 54

Rep: Reputation: 2745Reputation: 2745Reputation: 2745Reputation: 2745Reputation: 2745Reputation: 2745Reputation: 2745Reputation: 2745Reputation: 2745Reputation: 2745Reputation: 2745
Moved: This thread is more suitable in the Linux Software forum (not a Linux Security question) and has been moved accordingly to help your thread/question get the exposure it deserves.
 
Old 11-26-2006, 05:04 PM   #5
bbbb
LQ Newbie
 
Registered: Nov 2005
Location: Amsterdam, Netherlands
Distribution: Mandriva cooker
Posts: 22

Rep: Reputation: 15
I'll try to explain this with an example. Let's say you have a box with a user called weebl. all files on the box are readable to anonymous users, and weebl has a home-dir in /home/weebl. now, if weebl logs in locally (or through ssh), he will be able to read all files, obviously. and write to his home-dir. if you, as an administrator, make his home-dir available with samba (for example) you can control what weebl can and can not access by tweaking samba; you can make him able to access files in his home-dir only, or read all files, etcetera. this is what they mean with "control what the user has access to". using sshfs though, is comparable to what a user can access when uses scp, or ssh even. for example, he could do:
Code:
sshfs weebl@server:/ /path/to/mount/point
There is no way to prevent this from happening with sshfs.
 
Old 11-26-2006, 05:21 PM   #6
jerril
Member
 
Registered: Nov 2005
Location: Ontario, Canada
Distribution: Ubuntu
Posts: 114

Original Poster
Rep: Reputation: 15
Got it!

bbbb

For my own personal use, this is not an issue... I think.

Thank You

jer
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
sshfs mounting read-only cgraf Linux - Software 1 08-18-2006 02:58 PM
file permissions and sshfs baddah Linux - Security 3 07-11-2006 03:33 AM
Using Knock with sshfs (fish) pAn1k Linux - Networking 0 07-10-2006 12:34 AM
Anyone using Slackware and SSHFS? JockVSJock Slackware 6 12-20-2005 05:22 AM
Security Drawbacks Obie Linux - Security 10 05-25-2004 10:26 AM


All times are GMT -5. The time now is 06:07 AM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration