From owner-freebsd-questions Sat Jun 2 23:52:52 2001 Delivered-To: freebsd-questions@freebsd.org Received: from aspen.cs.unr.edu (aspen.cs.unr.edu [134.197.40.251]) by hub.freebsd.org (Postfix) with ESMTP id ACD1237B422 for ; Sat, 2 Jun 2001 23:52:48 -0700 (PDT) (envelope-from ballew@frink.cs.unr.edu) Received: from frink.cs.unr.edu (IDENT:root@frink.cs.unr.edu [134.197.40.144]) by aspen.cs.unr.edu (8.9.2/8.9.2) with ESMTP id XAA12543 for ; Sat, 2 Jun 2001 23:52:44 -0700 (PDT) Received: (from ballew@localhost) by frink.cs.unr.edu (8.9.3/8.9.3) id XAA01896 for freebsd-questions@freebsd.org; Sat, 2 Jun 2001 23:52:44 -0700 Date: Sat, 2 Jun 2001 23:52:44 -0700 From: Mark C Ballew To: freebsd-questions@freebsd.org Subject: NFS security/setup Message-ID: <20010602235244.A1890@frink.cs.unr.edu> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5i Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG I am setting up NFS/NIS using FreeBSD/i386 4.3 in order to share accounts and files with machines on a heterogenus network (IRIX, Linux, Solaris). In order to limit access to who can mount NFS disks, what do I need to set? I am thinking that I just need to set "portmap: 192.168.1." in my /etc/hosts.allow, and add a similar line to /var/yp/securenets. Is this correct? Also, lets say that I set portmap like above, can anyone on the network mount the NFS drive and then proceed to create fake UID's in order to r/w access a user's files? I am running on an academic network, so it is quite possible for someone to bring up a machine without my knowledge. Thank you, -- !! Mark C. Ballew Graduate Student, University of Nevada, Reno Homepage: http://sublinear.net To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message