2

Our small business has about 10 employee workstations and an LDAP/NFS server infrastructure. We need to deploy our proprietary application (a compiled binary) on all of the workstations. But since we may be updating our application frequently, we are looking for better options than copying a new version to each station every time an update occurs.

We are considering creating an /opt share on the NFS server, and mounting /opt/shared (or similar) on all of our stations. That way, when we update our application, we can simply put a new one on the NFS server rather than doing it on 10 different stations.

Is this a viable option? Are there any drawbacks in performance, security, or maintainability?

Nick
  • 1,101
  • Well lot's of security issue if someone take over your nfs file for example, because he can put a sticky bit enable binary in this and be executed as root on remote system. a repository like apt or yum would be more secure with chesum and so on – Kiwy Jan 09 '14 at 15:20
  • @Kiwy I think you're mistaking the sticky bit with the setuid bit: https://unix.stackexchange.com/questions/79395/how-does-the-sticky-bit-work – Centimane Aug 25 '17 at 15:38

1 Answers1

1

Yes, perfectly viable. In response to other answer, if someone can hack in to your server they can hack in to any and all other machines.

Many benefits to central content distribution mechanism (which is what you're proposing) for binaries. In particular, easier to backup one place vs 10 desktops, easier to run security scans in one place vs 10, etc etc.

netrc
  • 11