Return to BSD News archive
Xref: sserve comp.sys.powerpc:31023 comp.sys.intel:27792 comp.os.misc:3639 comp.unix.bsd:15790 comp.unix.pc-clone.32bit:7945 comp.unix.sys5.r4:8993 comp.unix.misc:15376 comp.os.linux.development:21985 comp.os.linux.misc:32683 comp.os.linux.misc:32684 comp.os.386bsd.development:2954 comp.os.386bsd.misc:4626 Newsgroups: comp.sys.powerpc,comp.sys.intel,comp.os.misc,comp.unix.bsd,comp.unix.pc-clone.32bit,comp.unix.sys5.r4,comp.unix.misc,comp.os.linux.development,comp.os.linux.misc,comp.os.linux.misc,comp.os.386bsd.development,comp.os.386bsd.misc Path: sserve!newshost.anu.edu.au!munnari.oz.au!bruce.cs.monash.edu.au!harbinger.cc.monash.edu.au!news.mira.net.au!otis.apana.org.au!serval.net.wsu.edu!netnews.nwnet.net!oracle.pnl.gov!osi-east2.es.net!lll-winken.llnl.gov!uwm.edu!news.moneng.mei.com!hookup!news.Direct.CA!news.indirect.com!wes From: wes@indirect.com (Barnacle Wes) Subject: Re: Interested in PowerPC for Linux / FreeBSD / NetBSD? Message-ID: <D1HHps.27n@indirect.com> Sender: usenet@indirect.com (System Operator) Organization: the Briney (notso) Deep Date: Tue, 27 Dec 1994 19:20:16 GMT References: <3cilp3$143@news-2.csn.net> <3d4ucp$sbn@hearst.cac.psu.edu> <SCHWARTZ.94Dec27135416@galapagos.cse.psu.edu> X-Newsreader: TIN [version 1.2.1 [BP] PL2.1] Followup-To: comp.sys.powerpc,comp.sys.intel,comp.os.misc,comp.unix.bsd,comp.unix.pc-clone.32bit,comp.unix.sys5.r4,comp.unix.misc,comp.os.linux.development,comp.os.linux.misc,comp.os.linux.misc,comp.os.386bsd.development,comp.os.386bsd.misc Lines: 27 Terry Lambert <terry@cs.weber.edu> wrote: > Clearly, you have not followed the current developements in NFS if > you believe you can't use secure-key technology. Scott Schwartz (schwartz@galapagos.cse.psu.edu) replied: : That doesn't address the problem. People do want to run : non-antiquated software, but AFS costs way too much money and rn : doesn't run on Plan-9. I suggest that vendors ship NFS with Kerberos : and with no way to turn authentication off. Why does it not address the problem? Are you looking for a secure NFS installation, or just an NFS/Kerberos installation? Man netizens seem to have this knee-jerk reaction that Kerberos will solve all of their security problems so they will never have to think about security again. Bzzt! Wrong answer! If you have a site that is on the internet and you use NFS, you need a firewall that will not allow NFS traffic between your LAN and your internet provider. It is that simple, and that secure. If your firewall is configured correctly, you have *little* danger of exposure. BTW, most major vendors now support some sort of Kerberos authentication in their currently shipping NFS software. Making these work between any two different vendors implemenations is another problem altogether. If there were "one great version" of Kerberos, this might be different. Wes Peters