Subject: misc/12149: NIS documentation doesn't cover 'secure maps'
To: None <gnats-bugs@gnats.netbsd.org>
From: None <bdc@world.std.com>
List: netbsd-bugs
Date: 02/07/2001 10:51:20
>Number: 12149
>Category: misc
>Synopsis: NIS documentation doesn't cover 'secure maps'
>Confidential: no
>Severity: non-critical
>Priority: medium
>Responsible: misc-bug-people
>State: open
>Class: doc-bug
>Submitter-Id: net
>Arrival-Date: Wed Feb 07 10:54:00 PST 2001
>Closed-Date:
>Last-Modified:
>Originator:
>Release: 1.5
>Organization:
>Environment:
All NetBSD 1.5 systems
>Description:
The template /var/yp/Makefile.yp contains the following useful
information in a comment:
# Password maps in standard YP are insecure, because the pw_passwd
# field is accessable by any user. FreeBSD, NetBSD and OpenBSD have
# a common solution: a secure map (generated with makedbm -s) can
# only be accessed by a client bound to a privileged port.
#
# Uncomment out the following if you need compatibility with
# sites that don't support this feature.
#
#INSECURE?= yes
This is great, except that none of the NIS related man pages
mention that NetBSD uses a special secure solution which is only
common to NetBSD, FreeBSD, and OpenBSD. When using a NetBSD
system as an NIS master server, it's not immediately apparent
why your non-*BSD NIS clients can't authenticate their users.
>How-To-Repeat:
>Fix:
Information should be included in the man pages about this (even
in just a general sense) perhaps with a pointer to see the
/var/yp/Makefile.yp for details.
>Release-Note:
>Audit-Trail:
>Unformatted: