*BSD News Article 67840


Return to BSD News archive

Path: euryale.cc.adfa.oz.au!newshost.anu.edu.au!harbinger.cc.monash.edu.au!news.mira.net.au!inquo!nntp.uio.no!solace!news.ecn.uoknor.edu!news.uoknor.edu!news.nodak.edu!plains.nodak.edu!not-for-mail
From: tinguely@plains.nodak.edu (Mark Tinguely)
Newsgroups: comp.unix.bsd.freebsd.misc
Subject: Re: NIS client setup
Date: 6 May 1996 11:07:49 -0500
Organization: Computer Science Department, North Dakota State University, Fargo
Lines: 12
Message-ID: <4ml84l$3nf@plains.nodak.edu>
References: <3189E69E.727C@arrakis.comm.pub.ro>
NNTP-Posting-Host: plains.nodak.edu
Mime-Version: 1.0
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 7bit

To let the NIS user to change their password from a client machine, you must
leave an entry in the server's master.passwd. To avoid a security hole, be
sure to include the user's UID/GID in the NIS server's master.passwd. If the
UID/GID is left blank they will become 0's when the user changes GEOS,
password, shell.

we should x-or the password record coming from NIS server (and x-or on
client), because NIS defeats a shadowed password. Looking at the network
text showed one of our students another NIS bug that I need to document
and send to the NIS maintainers.

--mark.