Subject: misc/12149: NIS documentation doesn't cover 'secure maps'
To: None <email@example.com>
From: None <firstname.lastname@example.org>
Date: 02/07/2001 10:51:20
>Synopsis: NIS documentation doesn't cover 'secure maps'
>Arrival-Date: Wed Feb 07 10:54:00 PST 2001
All NetBSD 1.5 systems
The template /var/yp/Makefile.yp contains the following useful
information in a comment:
# Password maps in standard YP are insecure, because the pw_passwd
# field is accessable by any user. FreeBSD, NetBSD and OpenBSD have
# a common solution: a secure map (generated with makedbm -s) can
# only be accessed by a client bound to a privileged port.
# Uncomment out the following if you need compatibility with
# sites that don't support this feature.
This is great, except that none of the NIS related man pages
mention that NetBSD uses a special secure solution which is only
common to NetBSD, FreeBSD, and OpenBSD. When using a NetBSD
system as an NIS master server, it's not immediately apparent
why your non-*BSD NIS clients can't authenticate their users.
Information should be included in the man pages about this (even
in just a general sense) perhaps with a pointer to see the
/var/yp/Makefile.yp for details.