>>>>> "Jan" == Jan Hrabe <[EMAIL PROTECTED]> writes:
Jan> AFS is then used for authentication integrated into logins
Jan> via PAM. That way, the commands such as ls -l show
Jan> human-readable (meaning not just a number) user and group but
Jan> the inherently insecure NIS distribution of passwords is
Jan> eliminated.
Or rather is replaced with an inherently insecure distribution of user
data. I'm not convinced that distribution of uid, shell and home
directory is significantly less of a security risk than distribution
of password in many environments. I think an extended discussion of
this here would be off-topic, but I just wanted to point out that
passwords is not the only weakness of NIS.
_______________________________________________
OpenAFS-info mailing list
[EMAIL PROTECTED]
https://lists.openafs.org/mailman/listinfo/openafs-info
