[mythtv-users] SMB or NFS?
Jarod Wilson
jcw at wilsonet.com
Fri Sep 24 16:13:36 EDT 2004
On Friday 24 September 2004 11:55, Kyle Rose wrote:
> Jarod Wilson <jcw at wilsonet.com> writes:
> > Except then you have to either make sure you have the exact same UID
> > on your Linux box as you do w/your OS X account, or export the NFS
> > share with world read/write. This is one of the big reasons I use
> > samba instead when mounting shares off my Linux boxes. Then I can
> > provide specific username and password information so I don't have
> > to worry about uids or exporting world-r/w.
>
> Since NFS has basically no security whatsoever (uid is just a number
> in the protocol, and there's no strong authentication of a machine's
> identity), I don't really see that there's much of a difference
> between rw for one user and rw for all users: once the server allows
> writing from any remote client, all bets are off.
Well, you don't let it allow writing from just any remote client, only the
ones that need it (yes, I know, someone could spoof the address, but chances
of that happening on a private LAN are minimal). And I think there's a
significant enough difference between r/w for one user and r/w for all users
that restrictions are a good thing. I'm not trying to argue that NFS is
secure by any means, but there are things you can do that help prevent
mishaps like your wife accidentally deleting something (not that I let her
connect by anything other than Samba though).
> This is why file
> systems like AFS and SFS exist.
Definitely. NFS was concocted in a kinder, gentler time. But its really easy
to set up, and really fast. Samba is probably the best choice for a balance
of security and ease. Personally, I intend to start playing with GFS soon...
--
Jarod C. Wilson, RHCE
jcw at wilsonet.com
Got a question? Read this first...
http://catb.org/~esr/faqs/smart-questions.html
MythTV, Fedora Core & ATrpms documentation:
http://wilsonet.com/mythtv/
MythTV Searchable Mailing List Archive
http://www.gossamer-threads.com/lists/mythtv/
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
Url : http://mythtv.org/pipermail/mythtv-users/attachments/20040924/814b2d5f/attachment.pgp
More information about the mythtv-users
mailing list