On Wed, 11 Dec 2002, Christos Zoulas wrote:

> Uh, no. This is by design. A user gaining root on his own workstation
> should not be able to lock-out other users on the domain.

You are right, but would it be possible to check if the connection is
coming from localhost and only then allow the password change without
requiring the old password?

After all, if the user is root on the NIS master he could edit the
password database directly with vi (that's what I did :-)

Martti

---
Martti Kuparinen <martti.kuparinen@iki.fi>      NetBSD - No media hype
http://www.iki.fi/kuparine/                     http://www.netbsd.org/