Diskless Bastions & NFS; How secure is NFS (on Linux) rated?

["Steve Wray" <steve.wray () paradise net nz>]

Hello to the list!

I have recently been experimenting with a diskless,
network booting bastion with root over NFS.

One advantage I have found is that Host-based IDS
can be run on the NFS server not the bastion.

This means that filesystem changes made by
an intruder can be spotted, and reversed, remotely.

The HIDS database & processes are shielded from the
attacker. The attacker won't even know its being
performed until their root kit is mysteriously
deleted (for example).

My question for the list is, naturally,
How secure is (Linux) NFS rated?

The bastion must mount its root filesystem thus;

/vol/bastion bastion(rw,no_root_squash)

which raises the spectre of a remote NFS
root exploit.

How robust is no_root_squash?

Is it possible that a bug could exist in
NFS which would allow the lack of root
squashing to propagate out of the directory
which is thus exported? (assuming that there 
are no symlinks in the exported directory
structure which link out of it).

Thanks!

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html