[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] RE: [FW1] OT: harden solaris
I'm not sure I follow you. While all devices under Solaris (Unix in general) are technically files, you don't normally mount individual files unless they are block files (/dev/dsk/* for example). gzip and snoop don't fall into this category. Do you want to mount an encrypted filesystem from a different host onto your Solaris box? Encryption aside, I would not recommend mounting remote volumes at all on a FW (or sharing them on the FW to other hosts). There have been too many historical problems with the security of the necessary daemons (lockd, statd, nfsd, rpcbind). Loopback device? If you were to explicitly state the loopback address (mount 127.0.0.1:/something /mount-point), why wouldn't you just mount the device in the normal manner (mount /dev/dsk/* /mount-point)? Are you thinking of loopback filesystems? You can do some fun stuff with these, particularly with chroot environments. What exactly do you want to do? Chris -----Original Message----- From: Hartmann, Josef [mailto:[email protected]] Sent: Thursday, April 05, 2001 12:02 PM To: [email protected] Subject: [FW1] OT: harden solaris Hi, thinking about harden solaris but still having a few tools like gzip, snoop etc. I am questioning if solaris can mount an encrypted file using loopback device? Thanks Josef ============================================================================ ==== To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ============================================================================ ==== ================================================================================ To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================================================
|