NFS question
Martin Siegert
siegert at sfu.ca
Fri Jul 13 09:02:18 PDT 2001
On Fri, Jul 13, 2001 at 07:19:54AM -0500, Christoph Wasshuber wrote:
> I have a fundamental NFS question. Assume
> that we have three computers, X, HEAD, NODE1.
>
> X ----- HEAD ----- NODE1
>
> /vol /mnt/v1 /mnt/v2
>
> X is some computer on a larger network
> HEAD is also member of this larger network and
> knows about X and NODE1
> NODE1 is one of my beowulf nodes and does not
> know anything about the larger network.
>
> NODE1 does not know anything about X and X likewise
> does not know anything about NODE1. The HEAD knows
> both X and NODE1.
>
> Assume further that X exported his /vol directory
> and HEAD has mounted it on /mnt/v1. Everything is
> fine and working well. HEAD can access X:/vol by
> looking into /mnt/v1
>
> Now my question:
> Can NODE1 mount HEAD:/mnt/v1 so that NODE1 can
> access X:/vol by looking into his /mnt/v2?
>
> In other words can one mount a mounted directory?
No you can't. Otherwise it would we trivial to circumvent all access
restrictions (as specified in /etc/exports on node X).
NFS isn't very secure, but it is not that insecure.
Martin
========================================================================
Martin Siegert
Academic Computing Services phone: (604) 291-4691
Simon Fraser University fax: (604) 291-4242
Burnaby, British Columbia email: siegert at sfu.ca
Canada V5A 1S6
========================================================================
More information about the Beowulf
mailing list