Re: NIS Linux - Ubuntu
On Wed, Dec 26, 2007 at 09:10:00PM -0500, Lowell Gilbert wrote: Chad Perrin [EMAIL PROTECTED] writes: The behavior with an asterisk instead of an X is pretty worrisome, however, and is not strictly Ubuntu's fault. Security of a server should not rely on the good will and competence of the client developers. I agree with the latter sentence, but not the former. When using NFS (without Kerberos), it is built into the protocol that the server trusts the client on the UID/GID. That is a good reason not to use NFS in an untrusted environment, but there really isn't anything FreeBSD can do about it. I'm not clear on how that makes it Ubuntu's fault -- which seems to be what you're saying, since you disagreed with the sentence in which I stated it is not strictly Ubuntu's fault. -- CCD CopyWrite Chad Perrin [ http://ccd.apotheon.org ] John Kenneth Galbraith: If all else fails, immortality can always be assured through spectacular error. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: NIS Linux - Ubuntu
Chad Perrin [EMAIL PROTECTED] writes: On Thu, Dec 20, 2007 at 09:32:50AM -0500, Lowell Gilbert wrote: RA Cohen [EMAIL PROTECTED] writes: I am sorry, here is an addendum to my previous post: Somehow Ubuntu was given root user permissions Actually, upon rereading my notes, Ubuntu was only given permissions of the user doing the login - not root - but we could login with any valid user apparently FreeBSD thought it was presented with a wildcard password. And I can also verify that FreeBSD clients are able to use the password map when x is used instead of * in the map to represent the password. So I can secure the system using the x but still cannot get Ubuntu clients to authenticate. Sounds like Ubuntu is using the wrong map, probably one where it's getting a different and empty field where it expects to find a password. The behavior with an asterisk instead of an X is pretty worrisome, however, and is not strictly Ubuntu's fault. Security of a server should not rely on the good will and competence of the client developers. I agree with the latter sentence, but not the former. When using NFS (without Kerberos), it is built into the protocol that the server trusts the client on the UID/GID. That is a good reason not to use NFS in an untrusted environment, but there really isn't anything FreeBSD can do about it. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: NIS Linux - Ubuntu
RA Cohen [EMAIL PROTECTED] writes: I am sorry, here is an addendum to my previous post: Somehow Ubuntu was given root user permissions Actually, upon rereading my notes, Ubuntu was only given permissions of the user doing the login - not root - but we could login with any valid user apparently FreeBSD thought it was presented with a wildcard password. And I can also verify that FreeBSD clients are able to use the password map when x is used instead of * in the map to represent the password. So I can secure the system using the x but still cannot get Ubuntu clients to authenticate. Sounds like Ubuntu is using the wrong map, probably one where it's getting a different and empty field where it expects to find a password. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: NIS Linux - Ubuntu
On Thu, Dec 20, 2007 at 09:32:50AM -0500, Lowell Gilbert wrote: RA Cohen [EMAIL PROTECTED] writes: I am sorry, here is an addendum to my previous post: Somehow Ubuntu was given root user permissions Actually, upon rereading my notes, Ubuntu was only given permissions of the user doing the login - not root - but we could login with any valid user apparently FreeBSD thought it was presented with a wildcard password. And I can also verify that FreeBSD clients are able to use the password map when x is used instead of * in the map to represent the password. So I can secure the system using the x but still cannot get Ubuntu clients to authenticate. Sounds like Ubuntu is using the wrong map, probably one where it's getting a different and empty field where it expects to find a password. The behavior with an asterisk instead of an X is pretty worrisome, however, and is not strictly Ubuntu's fault. Security of a server should not rely on the good will and competence of the client developers. -- CCD CopyWrite Chad Perrin [ http://ccd.apotheon.org ] Baltasar Gracian: A wise man gets more from his enemies than a fool from his friends. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]