Slackware and Debian on the same network--security problems?
Howdy, folks--
I'm kind of new to the mailing list thing,
so pardon me if I'm not doing this right.
I'm currently working on a system that runs
a lot of Slackware boxes, but I'd like to move
over to Debian (for what, I assume, are obvious
reasons = ). I've noticed, however, that the passwd
and group files for the Slackware system we're
currently running are substantially different
from those that Debian sets up. In particular,
I'm a little worried because the 'user' group
number on one is the same as a fairly priveleged
group on the other. I'm concerned that this might
pose a security threat if we tried a gradual
change over--that is, that some one could get on
in the 'user' group on, say, the Slackware boxes,
and then have access to stuff in the more
privileged group on the Debian boxes--either
locally, or via NFS, or something.
Is this a valid concern? If so, how do I address
it? I was hoping to simply substitute in the
Slackware group and passwd files for the ones
Debian uses right from the start (though it would be
nice to not have to worry about this kind of a legacy
issue--oh, well, huh?), so that Debian
would just install with the same group and user
id's as our Slackware system has set up. But I
can't seem to find where the original Debian passwd
and group files come from--they're just sort of
'there', as soon as you start installing, almost,
it seems.
Anyway, any help on this would be appreciated--as
well as any other security or other problems that
you would think might arise during such a procedure.
Thanks!
--Daniel
Reply to: