I am trying to set up openid in my application. I came across this plugin: http://github.com/rails/open_id_authentication/tree/master In there it says: "Alternatively, you can use the file-based store, which just relies on tmp/openids being present in RAILS_ROOT. But be aware that this store only works if you have a single application server. And it's not safe to use across NFS" They never explain why its not safe. If NFS is used within your internal / private network what is not safe about it? I did some research and came up with nothing. Maybe someone here knows what they are talking about. Thanks!
on 2008-11-10 03:53
on 2008-11-10 11:11
On Nov 10, 1:53 am, Ben J. <email@example.com> wrote: > server. And it's not safe to use across NFS" > I'd hazard a guess that "safe" refers to locking problems and so on rather than privacy concerns. Fred
on 2008-11-11 14:54
Actually I believe NFS does file locking (I think it'd have to use locking to prevent contention between multiple devices). I think that really what the Author is saying is that NFS traffic is transmitted in the clear. So if the network for NFS is viewable by others, they'd get your secure data just by sniffing the network. I'd bet they assume your NFS mount is across a public network. -Dale On Nov 10, 3:09 am, Frederick C. <firstname.lastname@example.org>
on 2008-11-11 15:10
On 11 Nov 2008, at 12:53, Dale wrote: > > Actually I believe NFS does file locking (I think it'd have to use > locking to prevent contention between multiple devices). > Quite possibly, but I wouldn't bet that the file based store is doing that locking. The easiest way might be to ask on the rails-core list for clarification (would have thought it was fair game if it's hosted at rails' github account. Fred