Return to BSD News archive
Path: euryale.cc.adfa.oz.au!newshost.anu.edu.au!harbinger.cc.monash.edu.au!news.mira.net.au!inquo!bofh.dot!in-news.erinet.com!bug.rahul.net!rahul.net!a2i!ddsw1!news.mcs.net!not-for-mail From: les@MCS.COM (Leslie Mikesell) Newsgroups: comp.unix.bsd.freebsd.misc Subject: Re: Can FreeBSD mount Netbeui volumes? Date: 14 May 1996 23:51:44 -0500 Organization: /usr/lib/news/organi[sz]ation Lines: 50 Message-ID: <4nbnt0$ndo@Mercury.mcs.com> References: <postmaster-0905961001120001@206.65.200.5> <319404CD.33E93F68@lambert.org> <4n1urr$rjj@uriah.heep.sax.de> <31950D9C.15C6228A@lambert.org> NNTP-Posting-Host: mercury.mcs.com In article <31950D9C.15C6228A@lambert.org>, Terry Lambert <terry@lambert.org> wrote: >But the security model in BSD (and UNIX, in general) needs to >change for it to be practical for anything but single user >machines not offering authentication services (telnet/rlogin/ftp/ >http/gopher/nfs/etc.). I disagree. (a) Authentication is up to the whim of the person who knows the root password on any unix machine (at least if you are relying on uid's reported by that machine). If you don't trust the root user to treat resources appropriately you shouldn't let that machine have access. If you do trust the root user, then you should let him protect the mount points appropriately. (b) We may be talking about WFWG servers here which don't have much in the way of user concepts. (c) Fully shared access to files may be appropriate for certain uses. >] However, the security considerations are to be taken serious. >] I could however think of a model where an SMB file system can >] be used to access all the services marked `public'. > >You could, but it redefines public from meaning "accessable to >any authenticated user" to meaning "accessable to any user, >authenticated or not". Only if the authenticated root user on the remote machine decides to make it so. >Because the UNIX box would authenticate once and could >credential gateway by proxy any user from the internet or >dialup lines onto the thing. Which violates the credential >model in SMB (which doesn't support the concept "proxy"). Yes, that may be what you want. If it isn't don't make the mount point accessable to anyone else. >Any time you start permitting proxy when "emulating" a DOS >client to a network server (LANMan, NetWare, ATP, etc.), you >break security. But servers that rely on client politeness already have broken security. Are you suggesting that operating systems should omit all features that have the potential to be misused? Les Mikesell les@mcs.com