[OpenAFS] Re: [SAGE] Code to demo NFS/UDP weakness?

Daniel Clark dclark@pobox.com
Wed, 2 Aug 2006 11:51:31 -0400


On 8/2/06, Skylar Thompson <skylar@cs.earlham.edu> wrote:
> Daniel Clark wrote:
> > I'm putting together a "NFSv3 is disgustingly insecure, we should move
> > to OpenAFS" type presentation for my management [1]. I've found
> > explanations to be less than completely understood, so I've decided to
> > put together a demo.
> >
>
> This seems like a bit of an overreaction. Why not just Kerberize your
> NFS setup? You'll have to set up Kerberos anyways for AFS, and AFS can be
> a PIA to work with.

Because Kerberized NFSv3 was never standardized or widely implemented,
or well documented across vendors. Here is a partial list of all of
the platforms we need to support; I have verified working IBM or
OpenAFS clients on almost all of them:

AIX 4.3.1, 4.3.3, 5.1, 5.2, 5.3
GNU/Linux: Debian Woody and later
GNU/Linux: Redhat 6.0 and later, RHEL 3 and later
GNU/Linux: SuSE SLES8 and later
GNU/Linux: Ubuntu Breezy Badger and later
GNU/Linux: United Linux 1.0
Solaris/sparc: 2.6, 7, 8, 9, 10
Solaris/x86: 10

If you can point me to a site describing how to set up Kerberized
NFSv3 across all of these platforms, I'd love to see it.

Also I'm not a Kerberized NFSv3 expert, but it would be hard for me to
believe that it would solve *all* of the numerous NFSv3 security
problems.

> Where I work, we're moving off AFS to Kerberized NFS because AFS can be
> difficult to work with.

You must have limited platform support requirements :-)

I've also admined both, and have had far more problems with NFSv3,
esp. with things sort-of-but-not-really working in difficult-to-debug
ways, weird performance issues, and the automounter code, which is
different for each platform, can work in inconsistent ways, and often
requires a reboot of the machine to fix.

--
Daniel Clark
dclark@pobox.com