[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Shadow and NIS/YP



Hi folks!

There was a lot of discussion about the move to shadow, incompatibility
problems with that, and about whether this should be done before 1.2. 

Since I use NIS/YP in my local network (all Debian workstations) I'm
wondering what I can do if Debian moves over to shadow! I don't think
using NIS and shadow passwd together makes much sense, since everyone can
do a `ypcat shadow' and actually _see_ the encrypted passwords.

I heard of a feature of the new NIS+/NYS that is able to specify special
access rights to individual columns of its data files. So, for example,
one can specify that _normal users_ don't have access to the passwd column
in /etc/passwd (distributed via YP). This feature would make an 
/etc/shadow obsolete.

I personally don't need much security in my local network and its nice to 
NIS. But of course, if there is an easy way to combine this with shadow
functionality, I would appreciate it. If this is going to be developed, I
can do a beta test.


Just my 2 cents,

Chris

--          _,,     Christian Schwarz
           / o \__   schwarz@monet.m.isar.de, schwarz@debian.org,
           !   ___;   schwarz@informatik.tu-muenchen.de, bm955877@muenchen.org
           \  /        
  \\\______/  !        PGP-fp: 8F 61 EB 6D CF 23 CA D7  34 05 14 5C C8 DC 22 BA
   \          /         http://www.informatik.tu-muenchen.de/~schwarz/
-.-.,---,-,-..---,-,-.,----.-.-
  "DIE ENTE BLEIBT DRAUSSEN!"

--
TO UNSUBSCRIBE FROM THIS MAILING LIST: e-mail the word "unsubscribe" to
debian-devel-REQUEST@lists.debian.org . Trouble? e-mail to Bruce@Pixar.com


Reply to: