[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [seul-edu] Alternatives to NIS
On Mon, 23 Oct 2000, David Woodhouse wrote:
> No. That has nothing to do with NIS. That's NFS. You don't need to run NIS
> on either the server or the client to see this.
Yep, though it does make it easier.
> Recent example: sunsite.org.uk had their Red Hat 7 mirror readable by uid
> 19837, even before it was supposed to have been released to the public.
> By adding a user with that id to my local password file, and becoming that
> user, I was able to read the files.
> NIS might perhaps have saved me a few keystrokes - but not many. It's not
> the cause of the problem. NFS is.
Ok, I see your point. If someone has the ability to setup themselves on
an NIS network, they have the ability to add a user to their system...
I am still working on ways to increase security before attempting a high
school install, so far we have: no floppy drive, no local hard drive, root
over nfs, either NIS/LDAP or for some of the systems a shared passwd
file, due to the root over nfs.
Harry McGregor, CEO, Co-Founder
firstname.lastname@example.org, (520) 202-OSEF (6733)
Open Source Education Foundation, http://www.osef.org