Tue Jan 29 19:11:24 CET 2008


the problem with nfs is that it is security based on physical network
access. i'm trying to figure out some security model so i don't need
to think about it any more.

 * nfs is very convenient for playing movies + videos over the network
 * nfs is necessary for diskless access (root + home dirs)

how to solve this?
 - regard local realm as secure
    * physical access: managable = +- same as physical computer access
    * logical (VPN): more difficult: VPN keys are then high rank

intermediate solution: no NFS over vpn?

there's no clean cut..

problem is: anything connected through NFS should be regarded as a
single machine. if there's physical access to any part of the machine
(or VPN access) then you're in.

trying sshfs, but this is not so obvious either. looks like it's slow

so these are 2 security models:
  * user/key (ssh) based: fairly secure over insecure network
  * NFS: needs network level security (network = machine)

maybe best to limit NFS to diskless root (limited) + readonly access
to public data.