Linked by Thom Holwerda on Thu 15th Jun 2006 15:36 UTC, submitted by user123
"Network attached storage has been known to Unix users for a very long time with NFS. NFS is reliable, performs well on the performance front, but it is infamous for its security. The biggest problem with NFS is that the client is responsible for controlling user file access. The NFS server just accepts file system operations on behalf of a given UID and enforces nearly no control. NFS require you trust your clients, something that may not be adequate. Andrew File System is an alternative network file system. In this interview, I ask Ty Sarna about his experience with AFS. Ty Sarna has been an AFS user since 1992 and is a NetBSD developer since 1998."
Thread beginning with comment 133813
To read all comments associated with this story, please click here.
To read all comments associated with this story, please click here.
RE: What about RPCSEC_GSS?
by EmmEff on Thu 15th Jun 2006 21:11
in reply to "What about RPCSEC_GSS?"
Member since:2005-09-16
Member since:
2005-09-16
NFS on Solaris has had RPCSEC_GSS support for several years now. Support on Linux has been added recently and does work. Of course, it requires the addition of a Kerberos KDC on your network but RPCSEC_GSS does add much-needed security to NFS.