From the course: Linux System Engineer: Network Filesystems Using NFS and Samba
Join today to access over 22,600 courses taught by industry experts or purchase this course individually.
NFS security - Red Hat Enterprise Linux Tutorial
From the course: Linux System Engineer: Network Filesystems Using NFS and Samba
NFS security
- [Instructor] Securing NFS in the past has been difficult. In our scenario we have an NFS server and an NFS client connected to a network switch. To secure older version of NFS such as version two or three, you would limit which host connects us to share. The host would be specified by IP address or by host name. In the case of a DNS host name, the host name would be resolved by a DNS server, and then the client would connect to the NFS server directly. The problem is that NFS controls who connects us to shares based on the host making the request, not the user. Hosts are given explicit rights and access controls not possible for users outside of the standard file permission system. Once a file system is exported via NFS, any user on the remote host that is connected to the share can access the data. There are provisions for making shares read only or squash user permissions to a certain user or group ID. It's common to squash all users or just the root user to the NFS nobody user…
Download courses and learn on the go
Watch courses on your mobile device without an internet connection. Download courses using your iOS or Android LinkedIn Learning app.