LinuxQuestions.org
Old 12-08-2003, 04:16 PM   #1
acb67
Member
 
Registered: Jun 2002
Posts: 50

Rep: Reputation: 15
NFS security problem --> too much power for root


Hi all,

I have hit a wall trying to find a solution for this NFS security problem. We currently have multiple Linux servers with users automounting their /home via autofs through LDAP. The problem we have is that if someone has a root password on their local machine, they can get into anyone's /home folder since it is mapped through the autofs. Is there any way around this? I looked into no_root_squash and such, but ran into problems when I set the /etc/exports to root_squash.

Also, I have heard something about Secure NFS. Has anyone heard of this? What does it do? Could it possibly solve this file sharing problem?

Thanks!
 
Old 12-08-2003, 04:22 PM   #2
acid_kewpie
Moderator
 
Registered: Jun 2001
Location: UK
Distribution: Gentoo, RHEL, Fedora, Centos
Posts: 43,417

Rep: Reputation: 1985
What sort of problems with root_squash? That's exactly where you want to go.... If you mean you need root squash off for certain machines, you can export the same directory twice with NFS, just to different people / machines with different rights.
 
Old 12-09-2003, 09:11 AM   #3
acb67
Member
 
Registered: Jun 2002
Posts: 50

Original Poster
Rep: Reputation: 15
Yes, that was the problem with root_squash, and what you say does solve the problem. I forgot about that. Thanks. But we still have another problem, still related to the root power and NFS.

On our NFS home server, I have changed all the permissions of user folders to 700. Therefore, only the owner can read his/her files. The problem is that if someone has the root password to their machine, they could su to root, and then from root su to any user and access that user's files. When you are root and you su to a user, you are not prompted for a password. Is there any way around this? As I said before, I have heard something about Secure NFS, which uses Kerberos to authenticate an NFS connection, but I'm not too sure about how it works yet. If there is any other workaround, it would be great to hear about that as well.

Thanks!
 
Old 12-09-2003, 09:46 AM   #4
trickykid
LQ Guru
 
Registered: Jan 2001
Posts: 24,149

Rep: Reputation: 269
Unfortunately, if a user has root access, they don't need the login when su'ing to another user; that's the power of root.

You should just look into using NIS maybe. Use the central NFS server as also a means of authenticating users from one machine. That way they won't be authenticated on their local machines when logging in but from the remote server since they also have their home accounts mounted from it, etc.
 
Old 12-09-2003, 10:05 AM   #5
acb67
Member
 
Registered: Jun 2002
Posts: 50

Original Poster
Rep: Reputation: 15
It is actually a little more involved. We do not use NIS. We are authenticating against AD using Kerberos, with an LDAP server containing all user info. Eventually the plan is to phase out the LDAP server and use the Unix attributes in AD when Samba 3 is a little more stable, but for now we will stay with this. So in order to even log on to client machines, the user must be authenticated through AD. Is there a way to make NFS prompt for a password and authenticate via Kerberos or something before mount? Yes, right now, since the /home folder is exported on the NFS server, anyone can mount a folder.
 
Old 01-30-2011, 04:49 PM   #6
ealt
LQ Newbie
 
Registered: Jan 2011
Posts: 2

Rep: Reputation: 0
Quote:
Originally Posted by acb67
It is actually a little more involved. We do not use NIS. We are authenticating against AD using Kerberos, with an LDAP server containing all user info. Eventually the plan is to phase out the LDAP server and use the Unix attributes in AD when Samba 3 is a little more stable, but for now we will stay with this. So in order to even log on to client machines, the user must be authenticated through AD. Is there a way to make NFS prompt for a password and authenticate via Kerberos or something before mount? Yes, right now, since the /home folder is exported on the NFS server, anyone can mount a folder.
Hi,

I am facing the same problem. We are also using OpenLDAP (not AD) for user authentication. I have found a reply at address:

http://serverfault.com/questions/215...-in-etc-passwd

Which says:
Doesn't answer your direct question, but I think your issue is with NFS, not sudo/su - you're going to have this problem anytime you use NFSv3 as it relies on UIDs to enforce access permissions.

Even if you did somehow prevent users from switching to root and back to another UID, a malicious user could simply connect their own device or boot a different OS in place of your specially configured system and overcome the protection.

Have you considered using NFSv4? It uses Kerberos to authenticate mount requests and enforce access permissions so wouldn't be vulnerable to this happening.
I wonder if anybody uses this kind of authentication with Linux.
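
Added example, not part of the thread: a small Python audit of /etc/exports-style lines that flags the two conditions discussed above, exports where root is not squashed and exports left on the default sec=sys flavor, where the server accepts whatever UID the client sends, so root_squash alone does not stop a local root from su'ing to another user. The sample exports, host names and finding labels are constructed for illustration, and only the host(options) entry form is parsed.

```python
import re

# Constructed sample /etc/exports content (not taken from the thread).
SAMPLE_EXPORTS = """\
# homes for workstations, plus an admin host that needs real root
/home  192.0.2.0/24(rw,root_squash)  admin.example.org(rw,no_root_squash)
/srv/scratch  *(rw)
/home/secure  *.example.org(rw,sec=krb5p,root_squash)
"""

# One client entry: optional host spec followed by optional "(opt,opt,...)".
ENTRY = re.compile(r"^(?P<host>[^()]*)(?:\((?P<opts>[^()]*)\))?$")

def parse_exports(text):
    """Yield (path, host, options) for every client entry in exports text."""
    joined = text.replace("\\\n", " ")          # backslash line continuation
    for raw in joined.splitlines():
        line = raw.split("#", 1)[0].strip()      # drop comments and blanks
        if not line:
            continue
        path, *clients = line.split()
        for tok in clients or ["*"]:             # no client list: everyone
            m = ENTRY.match(tok)
            if not m:
                continue
            opts = [o for o in (m.group("opts") or "").split(",") if o]
            # A bare "(opts)" token (e.g. after a stray space) applies to any host.
            yield path, m.group("host") or "*", opts

def audit(text):
    """Return (path, host, finding) tuples for risky export entries."""
    findings = []
    for path, host, opts in parse_exports(text):
        # sec= takes a colon-separated list of flavors; the default is sys.
        flavors = next((o[4:].split(":") for o in opts if o.startswith("sec=")),
                       ["sys"])
        if "no_root_squash" in opts:
            findings.append((path, host, "root-not-squashed"))
        if "sys" in flavors:
            # AUTH_SYS: the server accepts the UID the client claims.
            findings.append((path, host, "uid-trusted"))
        if host == "*":
            findings.append((path, host, "any-host"))
    return findings

if __name__ == "__main__":
    for path, host, finding in audit(SAMPLE_EXPORTS):
        print(f"{path:14} {host:20} {finding}")
```

Only the export carrying sec=krb5p comes back clean; the root_squash entry for the workstation subnet is still reported as uid-trusted, which is the situation described in posts #3 and #6.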
 
  

