Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: NFS security issues with lockd and statd
Special Forums Cybersecurity NFS security issues with lockd and statd Post 85 by Neo on Friday 13th of October 2000 01:30:11 AM
Old 10-13-2000
You must insure that the versions of network daemons such as the services you decribe in your post are running the lastest patches which have addressed the vulnerabilites you are concerned about. Most software with known vulnerabilites has patches to close the security holes. NFS has had many vulnerablities, historically, over the years; but they are patched and newer versions fixed. You should check to see what versions you are running and make sure you have the latest versions.
 

9 More Discussions You Might Find Interesting

1. AIX

Problem with NFS & rpc.lockd-Help Needed

We have windows clients that access drawing files shared from our AIX server using NFS. The Windows clients are intermittently unable to open files or access the system. For some reason restarting the rpc.lockd temporarily resolves the problem. However, that is the only clue I have to what the... (1 Reply)
Discussion started by: theologic
1 Replies

2. Solaris

How to Implement NFS Security in Sun Solaris 9

How to implement NFS Security in server where filesystem is configured as NFS & AutoFS? Any special patch need to be applied? What are the procedures? (1 Reply)
Discussion started by: KhawHL
1 Replies

3. Red Hat

Issues with LDAP user/group permissions on NFS share

I can't seem to make sense of this. $ cat /etc/redhat-release Red Hat Enterprise Linux Server release 5.2 Beta (Tikanga) $ $ mount /dev/sda2 on / type ext3 (rw) proc on /proc type proc (rw) sysfs on /sys type sysfs (rw) devpts on /dev/pts type devpts (rw,gid=5,mode=620) /dev/sda1 on... (6 Replies)
Discussion started by: dfinn
6 Replies

4. Homework & Coursework Questions

Security issues with universal access of file

Use and complete the template provided. The entire template must be completed. If you don't, your post may be deleted! 1. The problem statement, all variables and given/known data: If you look at the permissions associated with a symbolic link, it has universal access. Does this lead to... (0 Replies)
Discussion started by: linux17
0 Replies

5. UNIX for Advanced & Expert Users

nfs mount permission issues

Hello, We have some new application requirements that require us to use nfs mounts from aix 5.3 and mount to Oracle Linux 5.6. Do you know why when on the destination ( linux ) box, the root user cannot access directories made by other users in the nfs mounted filesystem ? I read that there... (0 Replies)
Discussion started by: fwellers
0 Replies

6. BSD

FreeBSD AMD NFS over TCP issues

Hi! I have a major issue with FreeBSD 7.1 i386. We did a change in our Unix env where we exchanged home storage from a NetAPP running udp to a NetAPP running tcp. Now I cant mount homedirs since NFS/AMD seem to fallback to udp :( Trying to force it with amd options nfs_proto=tcp and so on. ... (0 Replies)
Discussion started by: Esaia
0 Replies

7. HP-UX

SFU and NFS issues

Hi, I support a small lab of older HP UX 9 and 10 boxes. We have some older NT 4.0 machines at each UX box, with a old ZFS Server programs hosting two mounted directories. (Each UX and NT machine is on its own private network via crossover cable). Due to hardware failure/support EOL on NT, I have... (3 Replies)
Discussion started by: the spyder
3 Replies

8. UNIX for Advanced & Expert Users

Cron security issues?

Does the use of cron (HP-UX 11) present a security risk IF it is only given to accounts which have shell access anyway. If it does present a risk, what is the risk? Can a script (or command) run via cron; run anything, write anywhere or read anywhere that the same user can not do outside of... (2 Replies)
Discussion started by: eileenkeeney
2 Replies

9. Red Hat

NFS mount issues

Hi Experts, I have been using Linux (Redhat server 5.6) as a NFS server and it is mounted to 4 linux (SUSE) servers for storing the db logs. I added an entry in fstab in all my 4 clients to make sure the mount is available all the time. but unfortunately the mount is not showing in servers after... (6 Replies)
Discussion started by: sarav
6 Replies

LEARN ABOUT HPUX

cleanup

cleanup(1M)															       cleanup(1M)

NAME

       cleanup - HP-UX patch cleanup utility

SYNOPSIS


DESCRIPTION

       The command provides functions useful when dealing with HP-UX patches on HP-UX.

       The command logs all information to

   Options
       recognizes the following options:

	      Preview the task but do not actually perform the requested action.

	      Notify the user of
		     tasks and request confirmation before performing the requested action.

	      Commit patches superseded at least
		     number  times.   This  option  is a front-end to the option of (see swmodify(1M)) that provides an easier interface to commit
		     multiple patches at once.

	      Remove patches in the specified software depot that have been superseded by
		     patches also available from the depot.

	      Specifies whether the software depot contains patches for HP-UX 10.X or 11.X
		     releases.	This option is only valid with the option.  If the option is not specified, it defaults to HP-UX 11.X patches.

	      Specifies whether patches in the software depot that contain a corequisite or
		     prerequisite attribute specifying one of the superseded patches as a dependency should also be removed.  This option is valid
		     only with the option.  If the option is not specified, it defaults to true.

	      Remove HP-UX 10.X patches that remain in the Installed Product Database
		     after an upgrade to HP-UX 11.X.  These patches are removed from the IPD so that they are no longer displayed in the output of
		     the command (see swlist(1M)).  The HP-UX 10.X patch files are also removed from

	      Correct the
		     attribute for HP-UX 11.X patches.

   Recommendations
       The command should be executed after updating to HP-UX 11.X from HP-UX 10.20.  It is not necessary to execute after updating from one  ver-
       sion of HP-UX 11.X software to another because SD-UX will properly remove 11.X patch information from the IPD in these situations.

       The  command  should  be  executed whenever patches are added to a software depot.  It is not a requirement that superseded 11.X patches be
       removed from a software depot, but it is a recommendation to conserve disk space and to avoid confusion.  If superseded	patches  exist	in
       the same depot as patches that supersede them, SD-UX on HP-UX 11.X will handle the situation properly.

       The  command can be executed to commit all patches that have been superseded at least the specified number of times.  The only benefit from
       committing patches is that disk space will be recovered in the

       The command can be executed to insure that the attribute of all patch filesets is set correctly.  There are several known situations  where
       the  attribute  will  be  set  incorrectly.  This command can be run at any time, but will be most useful after a system has been installed
       using Ignite-UX.

AVAILABILITY

       This command is standard on HP-UX 11i v3.  On 11i v2 it is available in patch PHCO_32220 or a superseding patch.  On 11i v1 it is available
       in patch PHCO_27780 or a superseding patch.

WARNINGS

       Extreme	care  should  be  used	when  committing patches.  Once a patch has been committed, it cannot be removed from the system.  Patches
       should only be committed when you are satisfied with their behavior.  Recovering disk space should not be the only factor  considered  when
       committing patches.

AUTHOR

       was developed by HP.

SEE ALSO

       show_patches(1), sysdiff(1), check_patches(1M), swlist(1M), swmodify(1M), swremove(1M), sd(4).

																       cleanup(1M)
All times are GMT -4. The time now is 04:07 AM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy