The root user has access to remote folders/files of any user?

Hi, all!

Prelude: OpenSUSE 11.2 (2.6.31.8-0.1-desktop), installed Novell client
2.0 SP2 (novell-client-2.0-sp2-sle11-i586.iso).

I found that if any usual user is logged into a NDS-tree, then local
root has full access to user’s network shares, including the user’s
home directory located on remote Netware-server. Is it by design or
have I missed something?

Nevertheless in windows local admin has no access to network resources
mounted of any other user. If you runas shell (as admin) then admin in
principle can’t “see” network shares which were mounted (connected) by
other users - they are accessible (“visible”) per session.

WBR,
Sergei Dubrov

Correct me if I am wrong, but I think after some resource is mounted is will be treated like any other resource (either remote or local) of your computer. And root is the allmighty one for everything on your computer.

The mounting has to be done by a user with access to the remote resource. The local root will have no more and no less access permissions on the remote resource than the user who actually mounted this.

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Good question, and it depends on how you are doing the mounting. SMB
mount? Yes, I think so. NFS mount? By default probably not.

Good luck.

joostvanrooij wrote:
> Correct me if I am wrong, but I think after some resource is mounted is
> will be treated like any other resource (either remote or local) of your
> computer. And root is the allmighty one for everything on your
> computer.
>
> The mounting has to be done by a user with access to the remote
> resource. The local root will have no more and no less access
> permissions on the remote resource than the user who actually mounted
> this.
>
>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.9 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iQIcBAEBAgAGBQJLWVBJAAoJEF+XTK08PnB56rAP/jtZ2rkQYKuiVjSr9VRm0de7
d+wCxpcclhG8/RNRr9+NHX6yFKZKNh6hASb/qiPzAsvkjU9JZ92lHANhCCCVS0dF
lxHLX252C0n8bMGiDee0RM1+PmuXkaaYD04daNzWH86mV4r02+7qZquv1AaL575w
NfsyJK1lrS25hbWD5jI3rzInCkZzV+vVAXoJYku0RYRxPV148nABvq8sMNaMkzl4
BwAAxCSCYUA7dU+4Yx+NmIPx6edJnPiRCyh+55JzYgplGduDDS/xl+vroOTZyaBx
Zo/rviUDXIJfJm+n+g3w8qfl3PwL9MNAaDzKUZsjyjKAf203aA+XtXHfYGRrESqB
UirPlCtU040V1rFvXtWBmF3bbV3KJb92R5EGfHf14BaL71jHCHqnB1rnmK1Z3KeX
pRaYDU6fhAzJLoN483A8B+6mu4mZJ35+nzclh0LCQiaNtHPIB3oRH1+THp5ItQIt
PjJ2G1zG0GCZEH0BAXzejPuzBiMjTdLHUny8APiiQ0orfxVG3UEmdQJeVaBrb+pH
61CM7maN9LG339HN/KT3R8HnSf4/bdOMWAWOnXqAH3JFkFrTT8p4TlCnObDZe+da
N2kHhknDIxgoUs9b8475IjYS10XGyJfzaWFLHIRi5h1zioMmz/rzMresTU/aikhm
r0okM1uoadAsbdxKpDgk
=27iW
-----END PGP SIGNATURE-----

On Fri, 22 Jan 2010 07:14:17 +0000, ab@novell.com wrote:

> Good question, and it depends on how you are doing the mounting. SMB
> mount? Yes, I think so. NFS mount? By default probably not.

OP says they’re using NCL 2.0, so it sounds like a LUM issue to me (root
is probably mapped to the tree admin user).

And NFS, yes, the root user would have rights because the UID is the same
on all systems.

Jim


Jim Henderson
openSUSE Forums Moderator