[4621] in bugtraq
Re: NIS+, Solaris 2.5.1
daemon@ATHENA.MIT.EDU (Paul B. Henson)
Sat May 31 01:00:19 1997
Date: Fri, 30 May 1997 15:02:03 -0700
Reply-To: pbhenson@csupomona.edu
From: "Paul B. Henson" <henson@INTRANET.CSUPOMONA.EDU>
To: BUGTRAQ@NETSPACE.ORG
> Ever tried to change your NIS+ password with
> the "nistbladm" command ? Works fine, but you
> can also change your UID ....
I believe this is one of the problems fixed by:
103266-01 SunOS 5.5: nissetup default permissions for password table not
secure
There is no equivilent patch for 2.5.1, but from a diff of the stock 2.5.1
nissetup and the 2.5 patched one, the patch seems to be already
incorporated into 2.5.1:
< # @(#)nissetup.sh 1.8 92/04/24 Copyright 1992 Sun Microsystems Inc.
---
> # @(#)nissetup.sh 1.16 96/02/10 Copyright 1992-1996, Sun Microsystems, Inc.
I don't have an NIS+ configuration generated by a 2.5.1 system available.
Can anyone who does try to verify this? If the system in use by this
anonymous individual is using an NIS+ database originally created by the
unpatched 2.5 nissetup, that might be the explanation. I believe that a new
NIS+ config generated with the 2.5.1 nissetup should be fine though.
--
Paul Henson | System Administrator | Cal Poly Pomona | (909) 869-3781
pbhenson@csupomona.edu | finger -l henson@www.csupomona.edu for PGP key
