On Sun, 12 Sep 1999, Tony Nugent wrote:

> What's the *point* of using shadow passwords with YP?  There's no way
> it can work without transporting this information over the network.
> YP is inherently insecure for this reason anyway, and shouldn't be
> used over untrusted network links.

One thing is sniffing packets off the network; the other is listing the
encrypted text to a 'ypcat passwd' user command - and, if you consider
the security implications of remote map transfers, it's a considerable
liability - people not even on the local network (and thus not able to
pick off broadcasts) can pull the maps and crack the passwords.

I hope my point is better stated.

> No need to blame Sun for anything...

I'd rather not discuss if it's anybody's fault ;) There are too many toes
to step on as it is. But security was less of an issue when NIS was
developed initially - we used to have no shadow files at all, at one time,
eh? - so it's a forgivable mistake.

k
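
The exposure described in this reply, as an added example that is not part of the original message: a defensive audit that takes the text of a passwd map (for instance saved `ypcat passwd` output) and reports the accounts whose second field holds a password hash, or is empty, rather than a placeholder. The placeholder list, the function names and the sample entries are assumptions made for the illustration.

```python
import re

# Traditional 13-character DES crypt(3) output and modular "$id$..." formats.
DES_CRYPT = re.compile(r"^[./0-9A-Za-z]{13}$")
MODULAR_CRYPT = re.compile(r"^\$[0-9a-z]+\$.+")

def classify_field(pw):
    """Classify the second field of a passwd-format entry."""
    if pw == "":
        return "empty"            # no password at all
    # Assumed placeholder set: shadow marker, lock markers, adjunct "##name".
    if pw in ("x", "*", "!", "!!", "*LK*", "NP") or pw.startswith("##"):
        return "placeholder"      # hash is kept elsewhere, or account has none
    body = pw.lstrip("!*")        # a locked entry may still carry its hash
    if DES_CRYPT.match(body) or MODULAR_CRYPT.match(body):
        return "hash"
    return "unknown"

def audit_passwd_map(text):
    """Return {account: classification} for entries that are not placeholders."""
    findings = {}
    for line in text.splitlines():
        line = line.strip()
        # Skip blanks, comments and "+"/"-" compat entries.
        if not line or line.startswith("#") or line[0] in "+-":
            continue
        fields = line.split(":")
        if len(fields) < 7:
            continue              # not a complete passwd(5) record
        kind = classify_field(fields[1])
        if kind != "placeholder":
            findings[fields[0]] = kind
    return findings

# Constructed sample in passwd(5) format; the hash strings are made up.
SAMPLE_MAP = """\
alice:abEXAMPLEONLY:1001:100:Alice:/home/alice:/bin/sh
bob:x:1002:100:Bob:/home/bob:/bin/sh
carol:$1$saltsalt$EXAMPLEONLY:1003:100:Carol:/home/carol:/bin/sh
dave:*:1004:100:Dave:/home/dave:/bin/false
erin::1005:100:Erin:/home/erin:/bin/sh
frank:##frank:1006:100:Frank:/home/frank:/bin/sh
"""

if __name__ == "__main__":
    for account, kind in audit_passwd_map(SAMPLE_MAP).items():
        print(f"{account}: password field is {kind}")
```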
