Re: Replacement for NIS? (was Re: Obtaining NIS domainname from Gatorbox)
der Mouse (mouse@Collatz.McRCIM.McGill.EDU)
Fri, 14 Apr 1995 07:09:47 -0400
>>> Is there a "better" NIS [...]
>> I'd be interested in hearing about any such.
> We're running NeXTStep here, do you, or anyone else for that matter,
> know of any security holes concerning the NetInfo NIS(type) system
> that deals with our local information sharing?
I don't. But I know nothing at all about NetInfo, except that it's a
major pain to try to deal with. If you can find me documentation on
how the netinfo server communicates with its clients, and what it
speaks on the network, I can perhaps try to pick flaws with it.
All I know at present is that when I was running a NeXT with no
netlink, netinfo would consistently hang for long periods whenever I
attempted an operation, apparently trying to communicate with someone
else on the net. I eventually discovered that I could use
niutil -t xxx localhost/local yyyy...
for appropriate xxx and yyyy, to avoid this. Why this was necessary I
have no idea.
I would have investigated more, except that the situation went away
before I was driven to. But I have never seen any documentation on how
netinfo really works, only NeXT's usual useless "trust us, just run it
and it works". Perhaps it would be usable with a better
implementation...but until and unless I see docs, I'm going to have to
consider it useless. At least Sun's documentation describes YP, er,
NIS...in enough detail to write a server de novo.
der Mouse
mouse@collatz.mcrcim.mcgill.edu