>>> Is there a "better" NIS [...] >> I'd be interested in hearing about any such. > We're running NeXTStep here, do you, or anyone else for that matter, > know of any security holes concerning the NetInfo NIS(type) system > that deals with our local information sharing? I don't. But I know nothing at all about NetInfo, except that it's a major pain to try to deal with. If you can find me documentation on how the netinfo server communicates with its clients, and what it speaks on the network, I can perhaps try to pick flaws with it. All I know at present is that when I was running a NeXT with no netlink, netinfo would consistently hang for long periods whenever I attempted an operation, apparently trying to communicate with someone else on the net. I eventually discovered that I could use niutil -t xxx localhost/local yyyy... for appropriate xxx and yyyy, to avoid this. Why this was necessary I have no idea. I would have investigated more, except that the situation went away before I was driven to. But I have never seen any documentation on how netinfo really works, only NeXT's usual useless "trust us, just run it and it works". Perhaps it would be usable with a better implementation...but until and unless I see docs, I'm going to have to consider it useless. At least Sun's documentation describes YP, er, NIS...in enough detail to write a server de novo. der Mouse mouse@collatz.mcrcim.mcgill.edu