Shadow and NIS/YP
Hi folks!
There was a lot of discussion about the move to shadow, incompatibility
problems with that, and about whether this should be done before 1.2.
Since I use NIS/YP in my local network (all Debian workstations) I'm
wondering what I can do if Debian moves over to shadow! I don't think
using NIS and shadow passwd together makes much sense, since everyone can
do a `ypcat shadow' and actually _see_ the encrypted passwords.
I heard of a feature of the new NIS+/NYS that is able to specify special
access rights to individual columns of its data files. So, for example,
one can specify that _normal users_ don't have access to the passwd column
in /etc/passwd (distributed via YP). This feature would make an
/etc/shadow obsolete.
I personally don't need much security in my local network and its nice to
NIS. But of course, if there is an easy way to combine this with shadow
functionality, I would appreciate it. If this is going to be developed, I
can do a beta test.
Just my 2 cents,
Chris
-- _,, Christian Schwarz
/ o \__ schwarz@monet.m.isar.de, schwarz@debian.org,
! ___; schwarz@informatik.tu-muenchen.de, bm955877@muenchen.org
\ /
\\\______/ ! PGP-fp: 8F 61 EB 6D CF 23 CA D7 34 05 14 5C C8 DC 22 BA
\ / http://www.informatik.tu-muenchen.de/~schwarz/
-.-.,---,-,-..---,-,-.,----.-.-
"DIE ENTE BLEIBT DRAUSSEN!"
--
TO UNSUBSCRIBE FROM THIS MAILING LIST: e-mail the word "unsubscribe" to
debian-devel-REQUEST@lists.debian.org . Trouble? e-mail to Bruce@Pixar.com
Reply to: