Broken way to implement NIS

To: debian-devel@lists.debian.org
Subject: Broken way to implement NIS
From: Sami Laine <lane@netti.fi>
Date: Thu, 3 Jul 1997 09:51:42 +0300 (EET DST)
Message-id: <[🔎] 199707030651.JAA31580@unix.netti.fi>
Reply-to: lane@netti.fi

I've had impression that glibc (ie. libc6) will handle NYS/YP client
routines internally through /etc/yp.conf and /etc/nsswitch.conf. I've read
glibc documentation and found out that there is support for shadow passwords
too.

I've re-compiled libc5 and shadow packages for Debian 1.3.0, for NYS
support. This setup allows one to bind into server in another subnet and has
couple of other advantages over old NIS client implementation in
Debian 1.3.0.

We have been running this kind of system (ie. NYS code in libc) from libc
version 5.2.18, couple of days more and it has been running for year. Setup
has been very stable, but yet I've received many comments that integrated
NYS code in libc and specially using it is broken idea. No-one of
commentators have been able to explain this to me, maybe someone here in
developer list can?

Only problem with integrated NYS/shadow support is setuid root binaries
which has to access /etc/shadow. I think this problem is possible to avoid
with careful testing as Debian stable releases are tested.

Thanks for your time.

-- 
Sami Laine


--
TO UNSUBSCRIBE FROM THIS MAILING LIST: e-mail the word "unsubscribe" to
debian-devel-request@lists.debian.org . 
Trouble?  e-mail to templin@bucknell.edu .

Reply to:

Prev by Date: documents in binary format
Next by Date: Re: Proposal: /etc /usr/etc /usr/local/etc
Previous by thread: Anyone available that I can call???
Next by thread: ddd?
Index(es):
- Date
- Thread