>Number:         12149
>Category:       misc
>Synopsis:       NIS documentation doesn't cover 'secure maps'
>Confidential:   no
>Severity:       non-critical
>Priority:       medium
>Responsible:    misc-bug-people
>State:          open
>Class:          doc-bug
>Submitter-Id:   net
>Arrival-Date:   Wed Feb 07 10:54:00 PST 2001
>Closed-Date:
>Last-Modified:
>Originator:     
>Release:        1.5
>Organization:
>Environment:
	
	All NetBSD 1.5 systems
>Description:
	
	The template /var/yp/Makefile.yp contains the following useful
	information in a comment:

	# Password maps in standard YP are insecure, because the pw_passwd
	# field is accessable by any user. FreeBSD, NetBSD and OpenBSD have
	# a common solution: a secure map (generated with makedbm -s) can
	# only be accessed by a client bound to a privileged port.
	#
	# Uncomment out the following if you need compatibility with
	# sites that don't support this feature.
	#
	#INSECURE?=     yes

	This is great, except that none of the NIS related man pages
	mention that NetBSD uses a special secure solution which is only
	common to NetBSD, FreeBSD, and OpenBSD.  When using a NetBSD
	system as an NIS master server, it's not immediately apparent
	why your non-*BSD NIS clients can't authenticate their users.

>How-To-Repeat:
	
>Fix:
	
	Information should be included in the man pages about this (even
	in just a general sense) perhaps with a pointer to see the
	/var/yp/Makefile.yp for details.

>Release-Note:
>Audit-Trail:
>Unformatted: