From owner-freebsd-questions Sun Jun 3 1:36:27 2001 Delivered-To: freebsd-questions@freebsd.org Received: from nebula.anchoragerescue.org (cable-115-7-237-24.anchorageak.net [24.237.7.115]) by hub.freebsd.org (Postfix) with ESMTP id 335A337B401 for ; Sun, 3 Jun 2001 01:36:23 -0700 (PDT) (envelope-from akbeech@anchoragerescue.org) Received: from galaxy.anchoragerescue.org (galaxy.anchoragerescue.org [24.237.7.95]) by nebula.anchoragerescue.org (Postfix) with SMTP id A9B2910E; Sun, 3 Jun 2001 00:36:21 -0800 (AKDT) Content-Type: text/plain; charset="iso-8859-1" From: Beech Rintoul To: Mark C Ballew , freebsd-questions@freebsd.org Subject: Re: NFS security/setup Date: Sun, 3 Jun 2001 00:36:21 -0800 X-Mailer: KMail [version 1.2] References: <20010602235244.A1890@frink.cs.unr.edu> In-Reply-To: <20010602235244.A1890@frink.cs.unr.edu> MIME-Version: 1.0 Message-Id: <01060300362102.19980@galaxy.anchoragerescue.org> Content-Transfer-Encoding: 8bit Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG On Saturday 02 June 2001 22:52, Mark C Ballew wrote: > I am setting up NFS/NIS using FreeBSD/i386 4.3 in order to share accounts > and files with machines on a heterogenus network (IRIX, Linux, Solaris). > In order to limit access to who can mount NFS disks, what do I need to set? > > I am thinking that I just need to set "portmap: 192.168.1." in my > /etc/hosts.allow, and add a similar line to /var/yp/securenets. Is this > correct? > > Also, lets say that I set portmap like above, can anyone on the network > mount the NFS drive and then proceed to create fake UID's in order to r/w > access a user's files? I am running on an academic network, so it is quite > possible for someone to bring up a machine without my knowledge. > > Thank you, Actually the directories and permissions for mounting NFS are set in /etc/exports on the host machine. See man exports for details. Beech -- ------------------------------------------------------------------- Beech Rintoul - IT Manager - Instructor - akbeech@anchoragerescue.org /"\ ASCII Ribbon Campaign | Anchorage Gospel Rescue Mission \ / - NO HTML/RTF in e-mail | P.O. Box 230510 X - NO Word docs in e-mail | Anchorage, AK 99523-0510 / \ ----------------------------------------------------------------- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message