Subject: Re: YP, NIS, NIS+
To: Paulo Alexandre Pinto Pires <pappires@phoenix.del.ufrj.br>
From: Jason Thorpe <thorpej@nas.nasa.gov>
List: netbsd-help
Date: 03/05/1997 12:37:57
On Fri, 28 Feb 1997 11:57:39 -0300 (EST)
Paulo Alexandre Pinto Pires <pappires@phoenix.del.ufrj.br> wrote:
> So the question is: isn't there a similar approach which is not
> so weak in security? What about NIS+ or something like FreeBSD's
> variation (whatever name it has)? Does NetBSD project plan to
> improve on security in yp?
I do plan on taking a look at some of the security-related things
FreeBSD has done to YP ... I do like the ability to differentiate
between root and non-root callers, and providing encrypted passwords
based on that info, but I am concerned that it can be spoofed.
Anyhow, to answer your question, yes, it's being looked at at some
point, but I'm not sure when changes of that nature will get into the
source tree.
Jason R. Thorpe thorpej@nas.nasa.gov
NASA Ames Research Center Home: 408.866.1912
NAS: M/S 258-6 Work: 415.604.0935
Moffett Field, CA 94035 Pager: 415.428.6939