Re: securityhole /proc/sys/kernel/domainname

Christoph Lameter (clameter@miriam.fuller.edu)
Wed, 21 Feb 1996 05:47:06 -0800 (PST)

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: Robin Cutshaw: "shared irq patch for de4x5"
Previous message: Steve Ginn: "Compile probs (as -o ..) under 1.3.6[0-7]"
In reply to: Alan Cox: "Re: securityhole /proc/sys/kernel/domainname"

On Wed, 21 Feb 1996, Alan Cox wrote:

> > this file should not be world readable. As I understand the Yellow Pages the
> > domainname is a kind of password that allows NIS access.
>
> Its a 30 second job to break NIS without knowing the domainname. Security
> through obscurity is wrong. Use a firewall if you muse use NIS.
I do. But users still can access the UNIX system level on our machines on
Campus. A password is also obscurity.

Next message: Robin Cutshaw: "shared irq patch for de4x5"
Previous message: Steve Ginn: "Compile probs (as -o ..) under 1.3.6[0-7]"
In reply to: Alan Cox: "Re: securityhole /proc/sys/kernel/domainname"