Re: securityhole /proc/sys/kernel/domainname

Christoph Lameter (clameter@miriam.fuller.edu)
19 Feb 1996 17:50:55 -0800

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: Paul Slootman: "Re: Getting OLD messages"
Previous message: Jacques Carriere: "Kernel does not recognize NCR 53c810 SCSI controller"
Maybe in reply to: Christoph Lameter: "securityhole /proc/sys/kernel/domainname"
Next in thread: Bernd Eckenfels: "Re: securityhole /proc/sys/kernel/domainname"

: > Why would I make it accessible via bootp?
: > And /var/yp is only accessible by root on my system.

: getdomainname(2) needs no root privileges. And I still dont think a NIS
: Domainname is a good Password. Please simply use secure NIS implementations.
Even with a secure NIS implementation a user on a host in the domain
can simply do a

ypcat passwd

to get at the passwords. If the getdomainname() call would require root priviledges
then the ypcat would not be possible.

Is there any reason why a regular user process would need getdomainname()?

Next message: Paul Slootman: "Re: Getting OLD messages"
Previous message: Jacques Carriere: "Kernel does not recognize NCR 53c810 SCSI controller"
Maybe in reply to: Christoph Lameter: "securityhole /proc/sys/kernel/domainname"
Next in thread: Bernd Eckenfels: "Re: securityhole /proc/sys/kernel/domainname"