[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [seul-edu] Alternatives to NIS
With NFS you need more than identical user names, you need identical UID
and GID, compair your /etc/passwd on your server, and on your
workstations.
As has been pointed out already in this thread, the security issue is not
with NIS, it's with NFS, and since you have control over not just users,
but machines on your network, you should be fine.
Harry
On Mon, 23 Oct 2000, Dave Prentice wrote:
> Chris,
> Since I am the only one with root access to any of the machines (everybody else is a student), it sounds like NIS should be OK. Right?
> Also, before setting up NIS I am trying to move the students' home directories to a central hard drive located on the server. The drive is set in the server's /etc/exports as rw for all users via NFS. Other machines see it just fine and can read from it. However, they won't write to it. When I create a username on the server and then go to another machine where I created the same username and password with the NFS directory as its home directory, I keep getting the message that it is a read-only directory. Do I change something with chmod, or what?
> Thanks,
> Dave Prentice
> prentice@instruction.com
> http://www.originsresource.org
> http://www.prenticenet.com/home/dprentice
> -----Original Message-----
> From: Chris Hedemark <hedemark@bops.com>
> To: 'seul-edu@seul.org' <seul-edu@seul.org>
> Date: Monday, October 23, 2000 10:22 AM
> Subject: RE: [seul-edu] Alternatives to NIS
>
>
> We're planning on going to NDS most likely. We're on NIS+ now with NIS backward compatibility enabled.
>
> MAJOR security hole - anyone with any UNIX machine that has root access to that machine can become any NIS user without the need for a password. This is one of the many reasons that I hate NIS.
>
> -----Original Message-----
> From: Dave Prentice [mailto:dprentice@uno.edu]
> Sent: Sunday, October 22, 2000 10:28 PM
> To: seul-edu@seul.org
> Subject: [seul-edu] Alternatives to NIS
>
>
> Anybody,
> A while back I seem to remember someone saying NIS is "evil." Since my classroom network is now stable enough to begin to expand from the present 7 machines, I want to centralize access and passwords. What alternatives are there to NIS, or should I just go with it?
> Thanks,
> Dave Prentice
> prentice@instruction.com
>
>
--
Harry McGregor, CEO, Co-Founder
hmcgregor@osef.org, (520) 202-OSEF (6733)
Open Source Education Foundation, http://www.osef.org