Re: perl or libc6 bug?: getpwnam('root') in NIS environment
>>>>> "Miquel" == Miquel van Smoorenburg <miquels@cistron.nl> writes:
Miquel> There is. If the request comes from a priviliged port
Miquel> (<1024) it must have been a root process that did the
Miquel> request. That way the NIS server can see if a process is
Miquel> priviliged.
Miquel> 1. mangle the password file depending on who does the
Miquel> request. That's what we do at Cistron. Behold:
This is a really lame way of doing security, IMHO. :) If you're on a
windows or mac box, there's nothing stopping you from binding on ports
< 1024. Same thing for determining who made the request; identd
is only meaningful on a windows box.
NIS is just full of holes, really. NIS+ is theoretically better, but
as anyone who has actually used it will tell you, it is a dog and a
half.
--
Brought to you by the letters X and C and the number 17.
"A beldam is an old lady."
Debian GNU/Linux maintainer of Gimp and GTK+ -- http://www.debian.org/
I'm on FurryMUCK as Che, and EFNet/Open Projects IRC as Che_Fox.
Reply to: