Berkeley CSUA MOTD:1998:October:12 Monday <Sunday, Tuesday>
Berkeley CSUA MOTD
1998/10/12-14 [Computer/SW/Security, Computer/SW/Unix] UID:14767 Activity:kinda low
10/12  Is is true that if a user account is comprmised on a network of computers
       running NIS, the entire network of computers running NIS are compromised?
        \_ It will allow people to "ypcat passwd | mail",
           which should be considered a problem.  This is probably what whoever
           said that was thinking of.
                \-well, that isnt really enough info to make any guesses but
                my guess would be "if the user can log into one NIS client,
                the login in probably valid on other clients which would need
                to be checked out". the more involved question is "if someome
                breaks root on a NIS client, what are the implications for the
                whole domain". --psb
                \_ Not "enough info to make any guesses"?  The quality of
                   users' password choices has not gotten any better over time,
                   and Crack still works (even better, now that computers are
                        \-i mean the poster hasnt provided enough info for an
                answer ... we cant really guess what the question means. --psb
Berkeley CSUA MOTD:1998:October:12 Monday <Sunday, Tuesday>