[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [seul-edu] Alternatives to NIS

To: seul-edu@seul.org
Subject: Re: [seul-edu] Alternatives to NIS
From: David Woodhouse <dwmw2@infradead.org>
Date: Mon, 23 Oct 2000 17:56:58 +0100
Delivery-Date: Mon, 23 Oct 2000 12:57:19 -0400
In-Reply-To: <Pine.GSO.3.96.1001023095128.8811K-100000@andromeda.azstarnet.com>
References: <Pine.GSO.3.96.1001023095128.8811K-100000@andromeda.azstarnet.com>
Reply-To: seul-edu@seul.org
Sender: owner-seul-edu@seul.org


micros@azstarnet.com said:
>  I am still working on ways to increase security before attempting a
> high school install, so far we have: no floppy drive, no local hard
> drive, root over nfs, either NIS/LDAP or for some  of the systems a
> shared passwd file, due to the root over nfs. 

Don't use bog-standard NFS if you want any form of security in the face of 
attackers with physical access. Secure-NFS ought to be safe. AFS too, but 
there are no production-quality Linux clients (cue Arla developers to tell 
me I'm wrong...)

I think there were Secure-RPC patches for Linux somewhere. Try 
www.kerneli.org.

--
dwmw2

References:
- Re: [seul-edu] Alternatives to NIS
  - From: Harry McGregor <micros@azstarnet.com>

Prev by Date: Re: [seul-edu] Alternatives to NIS
Next by Date: RE: [seul-edu] Alternatives to NIS
Prev by thread: Re: [seul-edu] Alternatives to NIS
Next by thread: RE: [seul-edu] Alternatives to NIS
Index(es):
- Date
- Thread