# Limiting User Permissions

 rw and ro rw: Allow read and write access

 ro: Allow read-only access 

squash root\_squash: Treat root users as anonymous. 

no\_root\_squash: Allow root users to connect with elevated privileges. 

all\_squash: Treat all users as anonymous.

**USING TCP WRAPPER:** it gives you one consistant way to  restrict acces by filtering the ip address for any service like ssh etc not only nfs\
You have to know the service name, for NFS the rpcbind is what actually doing the connection

* rpcbind includes libwrap.so 
* Allows controlling TCP connections 
* TCP Wrapper Lists

 `/etc/hosts.allow`

 `/etc/hosts.deny`

*  Allow is applied first 
* Configuring 

In /etc/hosts.allow

 `rpcbind: 10.0.222.*` 

In /etc/hosts.deny 

`rpcbind: ALL`