12.2. How secure are NIS and NFS?NFS and NIS have bad reputations for security. NFS earned its reputation because of its default RPC security flavor AUTH_SYS (see Section 12.4.1, "RPC security" later in this chapter) is very weak. There are better security flavors available for NFS on Solaris and other systems. However, the better security flavors are not available for all, or even most NFS implementations, resulting in a practical dilemma for you. The stronger the NFS security you insist on, the more homogenous your computing environment will become. Assuming that secure file access across the network is a requirement, another option to consider is to not run NFS and switch to another file access system. Today there are but two practical choices:
Copyright © 2002 O'Reilly & Associates. All rights reserved.