Posted by: Anonymous Coward
on December 06, 2004 04:45 AM
Everything you asked for on the security attributes of NFS is already there. NFS runs over RPC and you can choose which RPC security mechanism is used, for example RPCSEC_GSS using Kerberos as the mechanism. With Kerberos you can choose between, authentication,integrity protcetion, privacy or all three.
How to do this is all documented in publically availble IETF RFCs for NFSv3. Solaris has had this for over 10 years. There is a lot of work going on in various places to bring Linux upto this and to implement NFSv4 where this is mandatory to implement.
Repeat after me: NFS is NOT insecure, you just need to read the documentation and not choose the default RPC AUTH_SYS mechanism which is only suitable for a trusted network.
As for the delegation of files, that is in NFSv4 as well.
Learn about Linux
Download Linux
Get Linux help
NFS does NOT send the data in the clear
Posted by: Anonymous Coward on December 06, 2004 04:45 AMHow to do this is all documented in publically availble IETF RFCs for NFSv3. Solaris has had this for over 10 years. There is a lot of work going on in various places to bring Linux upto this and to implement NFSv4 where this is mandatory to implement.
Repeat after me: NFS is NOT insecure, you just need to read the documentation and not choose the default RPC AUTH_SYS mechanism which is only suitable for a trusted network.
As for the delegation of files, that is in NFSv4 as well.
#