[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [seul-edu] Alternatives to NIS

To: seul-edu@seul.org
Subject: Re: [seul-edu] Alternatives to NIS
From: David Woodhouse <dwmw2@infradead.org>
Date: Mon, 23 Oct 2000 17:45:44 +0100
Delivery-Date: Mon, 23 Oct 2000 12:47:11 -0400
In-Reply-To: <Pine.GSO.3.96.1001023093435.8811H-100000@andromeda.azstarnet.com>
References: <Pine.GSO.3.96.1001023093435.8811H-100000@andromeda.azstarnet.com>
Reply-To: seul-edu@seul.org
Sender: owner-seul-edu@seul.org


micros@azstarnet.com said:
>  you can then mount the nfs export, su to the user, and see the files.
>  NIS brings this from a matter of software security, to physical
> security.  

No. That has nothing to do with NIS. That's NFS. You don't need to run NIS
on either the server or the client to see this.

Recent example: sunsite.org.uk had their Red Hat 7 mirror readable by uid 
19837, even before it was supposed to have been released to the public.
By adding a user with that id to my local password file, and becoming that 
user, I was able to read the files.

NIS might perhaps have saved me a few keystrokes - but not many. It's not 
the cause of the problem. NFS is. 

--
dwmw2

Follow-Ups:
- Re: [seul-edu] Alternatives to NIS
  - From: Harry McGregor <micros@azstarnet.com>

References:
- Re: [seul-edu] Alternatives to NIS
  - From: Harry McGregor <micros@azstarnet.com>

Prev by Date: Re: [seul-edu] Alternatives to NIS
Next by Date: [seul-edu] Linux in education report #31 for October 23
Prev by thread: Re: [seul-edu] Alternatives to NIS
Next by thread: Re: [seul-edu] Alternatives to NIS
Index(es):
- Date
- Thread