
Comparing NetWare and NFS File Security

NetWare and NFS file and directory security differ in some respects, but both systems base the degree of security on the following:

To protect file information, the system separates users into classes. Each class is permitted only necessary file access.

When an exact mapping of rights between the two systems is not possible and the access control mode specifies a conversion, the file sharing service translates the rights in favor of tighter rather than looser control. Even though the automatic translation between NetWare rights and NFS permissions honors the security of both systems, the following can occur:

The automatic mapping of access controls has the following advantages:

The following sections discuss the NFS and NetWare file access controls.


NFS Controls

For each of the three NFS user classes (User, Group, and World), there are three access controls, called permissions. For a file, these permissions allow a user to read from, write to, and execute the file.

For a directory, the same permissions apply. Users need read permission to use the ls command to list the files in a directory. They need write permission to add or remove files from a directory. They need execute permission to access the directory with the cd command or use the directory as part of a path. To access a file in a subdirectory, users must have the proper permissions for the file and for all the directories in the path.
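The directory rules above can be modeled in a few lines. This is an added example, not part of the original documentation; the tree, UIDs and GIDs are constructed sample data, and superuser override is not modeled. It applies the standard UNIX rule that exactly one class (User, then Group, then World) is evaluated for a caller, and it reports the first path component that blocks access.

```python
# Constructed sample tree (assumption): path -> (owner uid, group gid, mode).
TREE = {
    "/":                     (0,    0,   0o755),
    "/export":               (0,    0,   0o755),
    "/export/proj":          (1001, 200, 0o750),
    "/export/proj/plan.txt": (1001, 200, 0o604),
}

R, W, X = 4, 2, 1  # read, write, execute bits within one class


def class_bits(entry, uid, gids):
    """Return the rwx bits of the single class that applies to this caller."""
    owner, group, mode = entry
    if uid == owner:
        return (mode >> 6) & 7   # User class
    if group in gids:
        return (mode >> 3) & 7   # Group class
    return mode & 7              # World class


def check_access(tree, path, uid, gids, want):
    """Check `want` (R, W or X) on `path`.

    Every directory above the target must grant execute to the caller.
    Returns (allowed, blocker): blocker is the first path element that
    denies access, or None when access is allowed.
    """
    current = "/"
    for part in [p for p in path.split("/") if p]:
        # Execute permission is required to use a directory as part of a path.
        if not class_bits(tree[current], uid, gids) & X:
            return False, current
        current = current.rstrip("/") + "/" + part
    if class_bits(tree[current], uid, gids) & want != want:
        return False, current
    return True, None


if __name__ == "__main__":
    target = "/export/proj/plan.txt"
    print(check_access(TREE, target, 1001, {200}, R))  # owner
    print(check_access(TREE, target, 1002, {200}, R))  # group member
    print(check_access(TREE, target, 1003, {300}, R))  # everyone else
```

The group member is denied even though the file is world-readable, because only the Group class is consulted for that caller; the third user is stopped earlier, at the directory.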


NetWare Controls

NetWare Rights Security is based on the combined effects of trustee rights and rights invoked with the Inherited Rights Mask. (See the NetWare documentation for descriptions of these NetWare security terms.) The actual rights a user can exercise in a directory or file depend on these combined rights, which are referred to as a user's effective rights. Effective rights are translated between NFS and NetWare directories and files.

The NetWare effective rights that pertain to either directories or files are summarized in the following table.


Table 9. Description of NetWare Rights

NetWare Rights    Privileges Granted
--------------    ------------------
Supervisor        All rights; overrides any restrictions placed by the Inherited Rights Mask.
Read              Right to open and read or execute.
Write             Right to open and modify.
Create            Right to create; when assigned to a file, allows a deleted file to be recovered.
Erase             Right to delete.
Modify            Right to rename a file and to change attributes.
File Scan         Right to see directory or file listings.
Access Control    Right to modify trustee assignments and the Inherited Rights Mask.

Effective rights can also be transferred from one user to another. This transfer of effective rights, called security equivalence, allows one user to have the same rights as another. Transferred effective rights are also translated between NFS and NetWare.

Besides a user's effective rights, some NetWare file attributes put additional controls on specified directories or files. (Refer to Attributes in the NetWare documentation.) These controls take precedence over a user's effective rights. A user with the Modify right, however, can override the file attributes.


Impact of NetWare Security on NFS

If the NFS Gateway file sharing service is set up to use an access mode that translates access controls, the file sharing service effectively honors NetWare security on all given files and directories. In doing so, the rights as seen from NFS might appear more restrictive than the rights as seen from NetWare DOS. This apparent discrepancy occurs because NFS permissions are not as comprehensive as NetWare rights, and NFS might have no way of representing a right that is present on NetWare.


Impact of NFS Security on NetWare

If the NFS Gateway file sharing service is set up to use an access mode that translates access controls, NFS access can become too restrictive. If this happens, consider the following options:


