A security flaw question.

akonstam at trinity.edu akonstam at trinity.edu
Sat Jun 4 20:35:31 UTC 2005


I have a security question for the group. We have ~50 Linux machines
that are NIS clients of out server. The idea as you know is that nay
of are students van log in to any of the machines and have the same
home directory and the same passwd.

Ok, now the question. I have been hearing from people about security
flaws. Well what about about this. A number of our faculty have set up
their personal machines as NIS clients. It makes it easier to get to
their class related files. My feeling this is a tremendous security
hole, since a first important step in hacking a machine might be logging in to
the machine. Making faculty personal machines NIS clients
means that any of the 1000 or so students can log in to the faculty
machine. Does any one else think that this is a bad idea, or am I
confused?
-- 

=======================================================================
Life only demands from you the strength you possess.
Only one feat is possible -- not to have run away.
		-- Dag Hammarskjold
-------------------------------------------
Aaron Konstam
Computer Science
Trinity University
telephone: (210)-999-7484




More information about the fedora-list mailing list