SUMMARY: nis+ encrypted password visible

Timothy P. Henrion (tph@techapp.com)
Tue, 25 Mar 1997 15:34:42 -0600

Thanks to:
Lorandi M. Alberto lorandi@[148.226.150.1]
David Montgomery david@cs.newcastle.edu.au

My original question:

>
> The password field of my passwd.org_dir table is readable by everyone.
>
> niscat -o passwd.org_dir reveals the permissions on the field are:
>
> [1] Name : passwd
> Attributes : (TEXTUAL DATA)
> Access Rights : -----m----------
>
> Any ideas where else to look to make the encrypted password not visible?
>

The problem was with the access rights to the passwd table object.
Changing it with nischmod to:

Access Rights : ----rmcdrmcd----

fixed things.

-Tim
----------------------------------------------------------------------
Timothy P. Henrion email: tph@techapp.com
Technology Applications Inc. phone: (314) 537-3366
333 Chesterfield Center fax: (314) 537-0708
Chesterfield, MO 63017 pager: (314) 670-0229