[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [seul-edu] Alternatives to NIS

To: seul-edu@seul.org
Subject: Re: [seul-edu] Alternatives to NIS
From: Harry McGregor <micros@azstarnet.com>
Date: Mon, 23 Oct 2000 09:53:49 -0700 (MST)
Delivery-Date: Mon, 23 Oct 2000 12:54:07 -0400
In-Reply-To: <12556.972319544@redhat.com>
Reply-To: seul-edu@seul.org
Sender: owner-seul-edu@seul.org

On Mon, 23 Oct 2000, David Woodhouse wrote:

> No. That has nothing to do with NIS. That's NFS. You don't need to run NIS
> on either the server or the client to see this.

Yep, though it does make it easier.

> Recent example: sunsite.org.uk had their Red Hat 7 mirror readable by uid 
> 19837, even before it was supposed to have been released to the public.
> By adding a user with that id to my local password file, and becoming that 
> user, I was able to read the files.
> 
> NIS might perhaps have saved me a few keystrokes - but not many. It's not 
> the cause of the problem. NFS is. 

Ok,  I see your point.  If someone has the ability to setup themselves on
an NIS network, they have the ability to add a user to their system...

I am still working on ways to increase security before attempting a high
school install, so far we have: no floppy drive, no local hard drive, root
over nfs, either NIS/LDAP or for some  of the systems a shared passwd
file, due to the root over nfs.

			Harry 
> --
> dwmw2

--
Harry McGregor, CEO, Co-Founder
hmcgregor@osef.org, (520) 202-OSEF (6733)
Open Source Education Foundation, http://www.osef.org

Follow-Ups:
- Re: [seul-edu] Alternatives to NIS
  - From: David Woodhouse <dwmw2@infradead.org>

References:
- Re: [seul-edu] Alternatives to NIS
  - From: David Woodhouse <dwmw2@infradead.org>

Prev by Date: [seul-edu] Linux in education report #31 for October 23
Next by Date: Re: [seul-edu] Alternatives to NIS
Prev by thread: Re: [seul-edu] Alternatives to NIS
Next by thread: Re: [seul-edu] Alternatives to NIS
Index(es):
- Date
- Thread