Remote File Sharing (RFS) is a distributed file system provided with most System V-based systems [ATT90]. RFS is also supported by more recent versions of SunOS. Unlike NFS which provides a generic file system, RFS provides an exact copy of a UNIX file system. Another difference between NFS and RFS is that RFS groups hosts into domains for facilitating mounting of file systems. For the most part, security threats associated with NFS are also associated with RFS.
This section lists threats associated with various aspects of RFS. Section 10.2.9 lists ways to make RFS more secure. RFS provides four levels of security to protect resources [Cur92].
Before attempting to mount remote resources the local system must first set up a connection to the server. For many systems, rfadmin is the RFS verification command used to restrict access to a given set of machines. This command specifies a password which must be entered before a system is allowed to connect to a server. If a password has not been provided for a system, that system is allowed to connect to the server without a password check. This poses a threat of unintended access, especially if precautions were not taken when exporting files.
Once a connection has been established between a system and a server the system may mount any file systems that the server has exported. For System V Release 4 version of RFS, share is used to export file systems. Appropriate options should be specified for share so that unintended access is not granted for resources.
As a method of controlling access to resources, a system administrator is able to create user and group id mappings by editing the files uid.rules and gid.rules. These files allow global rules and host-specific rules to be specified. The threat of denial of service may result if user and group mappings are set up in such a way that users are not able to access their own files. On the other hand, poorly defined user and group mappings may allow unintended access to resources.
UNIX file permissions that are improperly set can allow unintended access for local users of a system. Unintended access can also be threat when files are exported with improperly set file permissions.