Web lists-archives.com

NFS client and untrusted server




All,

I want to backup a DMZ-server to an internal backup server.

Is it reasonable to setup an NFS-server in the DMZ and mount it from
the inside server using the read-only, noexec and nosuid options? Could
an attacker gain access to the internal server this way?

Does anyone use such a setup?

internal Server ---------------> DMZ
(NFS-Client)			(NFS-Server)

- Chris