Re: NIS maps?

From: Stefan Tomlik (stefan@tomlik.de)
Date: 10/23/01


Message-ID: <3BD5E68A.EB077423@tomlik.de>
Date: Tue, 23 Oct 2001 23:52:10 +0200
From: Stefan Tomlik <stefan@tomlik.de>
Subject: Re: NIS maps?

Hi Adam

In case it fits your needs to just block output of
encrypted password entries it is possible to splice
the password map into separate passwd- and shadow-
maps.

Anyway.... I would *never* set up hosts in a DMZ
as NIS-Clients, and I would restrict access to an
internal (= not DMZ) NIS-Server via /var/yp/securenets
to internal clients only. NIS is a nightmare if it
comes to security issues.

cheers
Stefan