/var/yp/securenets

/var/yp/securenets

Post by Guy Lad » Fri, 30 Dec 1994 08:33:47



Hi,
Could someone lay out the precise format for /vay/yp/securenets
on a Sunos 4.1.3U1B machine?

Thanks,
Guy.

 
 
 

1. localhost in /var/yp/securenets

In AIX 3.2.5 and AIX 4 (with appropriate PTFs) the file
/var/yp/securenets determines which NIS clients get information from
ypserv.

Now the master in a NIS environment typically binds to itself (if any).
To be more precise: ypbind binds to localhost, not to `hostname`, since
the broadcast on lo returns before the one on the ethernet.
But to allow the master ypbind get response from the master ypserv one
has to include a line like
255.255.255.255 127.0.0.1
in /var/yp/securenets.

Is this a security hole? Put it another way: Is it safer to
- include 127.0.0.1 in securenets
or
- run ypbind with the "-ypsetme" option and do a ypset `hostname`
Or is there a way to tell a non-ypset ypbind a list of allowed servers
to bind to on startup (which would exclude localhost)?

BTW: My bos.net.nis.client is 4.1.3.1, server 4.1.4.5. And I DID restart
the subsystems after changing securenets...

--
Michael J. Gruber

___________________________________________________________

Institute of Mathematics
Humboldt University
Berlin/Germany

URL: http://spectrum.mathematik.hu-berlin.de/~gruber
___________________________________________________________

2. What is the oldest kernel supporting FIREWIRE ?

3. nicknames and aliases in /var/yp

4. Dual Athlon MPs - which Motherboard, kernel & distro?

5. /var/yp? & startx prob

6. HP WinPrinters works with free software!

7. Missing /var/yp directory

8. Intel Gigabit ethernet 1000BaseT for Redhat 7.1

9. /var/yp/make takes FOREVER!!!

10. YP msgs filling /var/adm/cron

11. What is /var/yp/updaters ?

12. automount does not use /var/yp/nicknames !!!

13. /var/yp