Re: perl or libc6 bug?: getpwnam('root') in NIS environment

To: miquels@cistron.nl (Miquel van Smoorenburg)
Cc: debian-devel@lists.debian.org
Subject: Re: perl or libc6 bug?: getpwnam('root') in NIS environment
From: Ben Gertzfield <che@debian.org>
Date: 14 Apr 1999 14:25:10 -0700
Message-id: <[🔎] yttvheyhp3d.fsf@gilgamesh.cse.ucsc.edu>
In-reply-to: miquels@cistron.nl's message of "14 Apr 1999 19:38:33 +0200"
References: <[🔎] 7f2jqp$m7l$1@Q.cistron.nl>

>>>>> "Miquel" == Miquel van Smoorenburg <miquels@cistron.nl> writes:

    Miquel> There is. If the request comes from a priviliged port
    Miquel> (<1024) it must have been a root process that did the
    Miquel> request. That way the NIS server can see if a process is
    Miquel> priviliged.

    Miquel> 1. mangle the password file depending on who does the
    Miquel> request. That's what we do at Cistron. Behold:

This is a really lame way of doing security, IMHO. :) If you're on a
windows or mac box, there's nothing stopping you from binding on ports
< 1024. Same thing for determining who made the request; identd
is only meaningful on a windows box.

NIS is just full of holes, really. NIS+ is theoretically better, but
as anyone who has actually used it will tell you, it is a dog and a
half.

-- 
Brought to you by the letters X and C and the number 17.
"A beldam is an old lady."
Debian GNU/Linux maintainer of Gimp and GTK+ -- http://www.debian.org/
I'm on FurryMUCK as Che, and EFNet/Open Projects IRC as Che_Fox.

Reply to:

Follow-Ups:
- Re: perl or libc6 bug?: getpwnam('root') in NIS environment
  - From: Miquel van Smoorenburg <miquels@cistron.nl>

References:
- Re: perl or libc6 bug?: getpwnam('root') in NIS environment
  - From: miquels@cistron.nl (Miquel van Smoorenburg)

Prev by Date: Re: nonus upload queue?
Next by Date: Re: Intent to adopt: info
Previous by thread: Re: perl or libc6 bug?: getpwnam('root') in NIS environment
Next by thread: Re: perl or libc6 bug?: getpwnam('root') in NIS environment
Index(es):
- Date
- Thread