Hi everybody,
a lot of people answered to the following question, that I posted
a couple of days ago:
> | is there any way to prevent passwd files from being accessed
> | by users (without side-effects)?
> | We run NIS, and both /etc/passwd and the YP database are accessible (and
> | crackable) by the users. Any way to avoid it?
I thank them all (but do not list the names: they are really a lot!).
While someone just suggested changing the permissions to the passwd file
(that is alright if you just have /etc/passwd, but does not work with YP,
as the database is accessible through ypcat), most of them pointed to
installing Enhanced Security (C2). This solution was confirmed as the only
one available by Digital too. The side-effect is that NIS is not compatible
with Enhanced Security.
I am now evaluating what is the better thing for my site: C2 without NIS
or NIS without C2...
Regards
C.Strizzolo
-------------------------------------------------------------------------
Claudio STRIZZOLO | Address:
| I.N.F.N. Sezione di Trieste
E-mail: strizzolo_at_trieste.infn.it | c/o AREA di Ricerca
Phone: [39](40)375.6257 | Padriciano, 99
Fax: [39](40)375.6258 | I-34012 Trieste - ITALY
Received on Thu Jun 12 1997 - 15:55:12 NZST