"public NFS" on freedesktop.org ? / was: Re: [Xorg] Anon Ftpon freedesktop.org?

Roland Mainz roland.mainz at nrubsig.org
Mon May 24 23:58:18 PDT 2004


Sean Middleditch wrote:
> > > NFS itself is an RPC service, and the core RPC service itself has been
> > > severely flawed in the past.  Opening *any* service that uses RPC is
> > > dangerous.
> >
> > Did you read RFC 2054 ("WebNFS Client Specification") yet ? I am talking
> > about opening _ONE_ port, not all RPC ports. "portmap" ports would NOT be
> > open in this case.
> 
> Ah, no, I wasn't aware of WebNFS.  My apologies.  Looking online,
> though, I don't see any software that claims to implement RFC 2054, at
> least not in mainstream usage. 

AFAIK every normal NFS client can use WebNFS.
In the case of Solaris (and some Linux distributions) you can simply use
the automounter to mount a WebNFS share:
% cd /net/ftp.x.org/pub/more_stuff_comes_here
would go to the dir "/pub/more_stuff_comes_here/" on host ftp.x.org.
People do not need to know how to use "mount" and need no root privileges...
they only do a simple CWD and can access the files.

> What benefit would there be to using
> WebNFS in that case instead of something very widely implemented like
> WebDAV which can also be mounted on UNIX machines like other network
> file systems?  And which can be accessed with no administrative effort
> using any modern file manager on Windows, OS X, GNOME/KDE, etc.?

See above. WebDAV isn't accessible via the automounter, while
NFS-via-automounter is accessible on nearly all Unix distributions and
at least on some of the Linux distributions.

> > > > there for ftp daemons than the NFS daemon (this issue isn't really that
> > >
> > > That is a fairly worthless statement.  ;-)  There have been a lot of
> > > security flaws in certain FTP daemons, yes.  That has absolutely no
> > > effect on whether the NFS daemon is secure or not.  Comparing apples and
> > > buicks.
> >
> > I am not comparing apples and buicks, I am trying to explain that a
> > public, read-only WebNFS server isn't a larger security threat than an ftp
> > server. We're doing that here to share CD images for the various
> 
> It is if the FTP server is secure and NFS server isn't.  Which was my
> point.  *Some* FTP servers have had security holes, yes.  That in no way
> means the one that FreeDesktop.org uses is insecure.  There are plenty
> of FTP servers with perfect security records.  Just like how even though
> Sendmail has been known to have frequent security flaws there are still
> MTAs that are very secure.

Erm... "sendmail" is every often hit because it is very popular. Some
Linux distributions tried to avoid the issue and switched to "postfix" -
and suddenly that MTA had lots of reports about exploits. So far the
term "perfect security records" isn't much usefull.

> Furthermore, even if the FTP server *is*
> insecure, that is absolutely no excuse to add yet another insecure
> server.  One might as well say that just because FTP is running there's
> no point in using SSH instead of telnet or even using passwords; the
> machine's got a potential security hole anyway, right?  ;-)

:)

> > distributions and a couple of Linux distributions do the same.
> >
> > > > security sensitive since there are a couple of public NFS servers for
> > > > Debian packages...) ... :)
> > >
> > > And there are plenty of Windows users connecting their home machines
> > > right into a cable modem with no firewall and sharing their hard-drives
> > > with everyone on their local block over CIFS.  Doesn't mean it's good
> > > practice.
> >
> > Please define "good practice". The idea is much better than letting
> > people download large packages or CD images via ftp - they could
> > directly work on the shared files itself.
> 
> And what benefit does that provide? 

See above. People can use WebNFS shares without being root and without any
other modifications to their default setup. They simply do a CWD and use
the files on ftp.x.org.

> Either way, the whole thing needs
> to be taken from the server to their local machine.  FTP file systems
> exist for UNIX so users can mount them and tools like cdrecord can
> stream the file over the network (assuming you have burnfree or
> something in use) and so on. 

Do you know how these ftp filesystems work in the background ? In the
worst (usually the common... ;-( ) case they transfer the complete file
to the client first, regardless of whether you only need the first <n>
bytes - try
% find /path_to_ftp_filesystem | while read i ; do file "$i" ; done
and you'll see how silly the idea of an ftp filesystem is
(unless the ftp server supports extensions for random seek+block
reads... but that isn't covered by ftp daemons which implement only the
features defined by the RFC for ftp).

> WebDAV is also available in the same way.

Please name ONE Unix OS (except Linux) which can mount WebDAV shares.
AFAIK neither Solaris nor AIX nor HP-UX can do that.
And who claims that WebDAV is more secure than WebNFS in the scenario
described above ?

> NFS doesn't offer anything useful over these in a read-only scenario.

See my first usage example above...

----

Bye,
Roland

-- 
  __ .  . __
 (o.\ \/ /.o) roland.mainz at nrubsig.org
  \__\/\/__/  MPEG specialist, C&&JAVA&&Sun&&Unix programmer
  /O /==\ O\  TEL +49 641 7950090
 (;O/ \/ \O;)
