This is the mail archive of the libc-alpha@sourceware.org mailing list for the glibc project.


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]
Other format: [Raw text]

Re: Use reserved port only when required for NIS look-ups


On Sat, Aug 11, Carlos O'Donell wrote:

> On Fri, Aug 10, 2012 at 9:22 AM, Honza Horak <hhorak@redhat.com> wrote:

> > NIS server is able to be "secured" with a configuration, where administrator
> > marks some maps as "secure" (basically maps with passwords) and only
> > connections form a reserved port are served in that case. So if we used
> > non-reserved ports for all look-ups, some of them wouldn't be served.
> 
> I've never seen a "secured map," out of curiosity how does someone set one up?

Beside the ypserv.conf Kalle already wrote:
Solaris "secures" out of the box without any configuration the
passwd.adjunct maps. They are only accessible if the request is
coming from a privileged port.
On linux, the shadow.* maps are also "secured" in that way, even
without config file.

  Thorsten

-- 
Thorsten Kukuk, Project Manager/Release Manager SLES
SUSE LINUX Products GmbH, Maxfeldstr. 5, D-90409 Nuernberg
GF: Jeff Hawn, Jennifer Guild, Felix Imendörffer, HRB 16746 (AG Nürnberg)


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]