
NFS security ...

As far as I know, the NFS protocol makes no provision for security, leaving
that up to the hosts involved. Since the Symbolics has no security, that means
that someone can log in as anyone on a Symbolics and have that anyone's NFS
mounted files on a "secure" NFS server completely available to them.

What I propose is a simple nfs-export protocol. Has anyone done anything like


	a protocol that validates username and password before allowing itself
	to be executed, and executes by exporting a predetermined list of
	file-systems to the calling host.

	a protocol that unexports said file-systems to the calling host.

	a frequently run program that looks for NFS daemons for each of the
	hosts which are (a) Symbolics (as determined by some list in a file)
	and (b) currently exported. If the daemon is not found for a host in
	this class, immediately unexport the file-systems to this host (this
	is to take care of connections broken by other than logging off).


	client-sides for the above protocols which are called, for the first,
	whenever an error is returned to NFS saying the file systems aren't
	exported to this host, and for the second, whenever a user logs out.

I'm not 100% sure this scheme will work, but it seems worth trying, unless
someone has already done something like this ... or something which has the
same effect. Comments or fixes?
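
The three server-side pieces proposed above (validated export, unexport at logout, and the periodic sweep for broken connections), modeled in memory as an added example that is not part of the original post. The class, method, user and host names are hypothetical, and a real version would call the server's export tooling where this one updates a dictionary.

```python
import hashlib
import hmac
import os

class ExportBroker:
    """In-memory model of the proposed export service (all names hypothetical)."""

    def __init__(self, listed_hosts, user_filesystems):
        self.listed_hosts = set(listed_hosts)      # the "list in a file" of Symbolics hosts
        self.user_filesystems = user_filesystems   # user -> predetermined export list
        self.credentials = {}                      # user -> (salt, derived key)
        self.exported = {}                         # host -> file systems exported to it

    def add_user(self, user, password):
        salt = os.urandom(16)
        self.credentials[user] = (salt, self._derive(password, salt))

    @staticmethod
    def _derive(password, salt):
        return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)

    def export(self, host, user, password):
        """Validate username and password, then export to the calling host."""
        # Unknown users get a dummy salt and an empty key, so they never match.
        salt, stored = self.credentials.get(user, (b"\0" * 16, b""))
        if not hmac.compare_digest(self._derive(password, salt), stored):
            return set()                           # bad credentials: export nothing
        self.exported.setdefault(host, set()).update(self.user_filesystems.get(user, ()))
        return set(self.exported[host])

    def unexport(self, host):
        """Called at logout: drop every export to the calling host."""
        return self.exported.pop(host, set())

    def sweep(self, hosts_with_daemon):
        """Unexport listed hosts that are exported but have no live daemon."""
        stale = [h for h in self.exported
                 if h in self.listed_hosts and h not in hosts_with_daemon]
        return {h: self.unexport(h) for h in stale}

if __name__ == "__main__":
    # Constructed sample data: two listed hosts, one user.
    broker = ExportBroker({"lispm-1", "lispm-2"}, {"alice": ["/home/alice", "/src"]})
    broker.add_user("alice", "correct horse")
    print(broker.export("lispm-1", "alice", "wrong"))          # set()
    print(broker.export("lispm-2", "alice", "correct horse"))  # both file systems
    print(broker.sweep(hosts_with_daemon={"lispm-1"}))         # lispm-2 is unexported
```

As in the proposal, exports are keyed by host rather than by user, so the logout hook and the sweep are what bound how long a host keeps access.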