[365] in Hesiod
Re: secure information?
daemon@ATHENA.MIT.EDU (Greg Hudson)
Fri Jan 16 20:02:12 1998
To: "Aidan Cully [Staff]" <aidan@panix.com>
Cc: hesiod@MIT.EDU
In-Reply-To: Your message of "Fri, 16 Jan 1998 17:22:48 EST."
<19980116172248.65321@panix.com>
Date: Fri, 16 Jan 1998 20:00:05 EST
From: Greg Hudson <ghudson@MIT.EDU>
Hesiod doesn't (any longer) involve any hacks to BIND; it's all
client-side stuff.
You can pretty easily prevent zone transfers to keep people from
getting a list of usernames or group names. Restricting things
further than that will require hacking on BIND.
(We don't, incidentally, recommend that you put encrypted password
entries in your .passwd info; Kerberos makes a much better network
authentication scheme than Hesiod.)
