Path: utzoo!utgpu!jarvis.csri.toronto.edu!mailrus!purdue!tut.cis.ohio-state.edu!cs.utexas.edu!rice!sun-spots-request
From: dvorak@iam.unibe.ch (Jiri Dvorak)
Newsgroups: comp.sys.sun
Subject: Using yppasswd in 4.0.3?
Keywords: SunOS
Message-ID: <2888@brazos.Rice.edu>
Date: 3 Nov 89 10:19:44 GMT
Sender: root@rice.edu
Organization: Sun-Spots
Lines: 12
Approved: Sun-Spots@rice.edu

About a year ago there was a discussion on a big security hole in SunOs
yppasswd. Since that we have disabled yppasswd and every user has to login
to the master server to change his/her passwd.  Now we have 4.0.3 and the
release notes say that 'A security hole in yppasswd has been fixed'

Is there still a good reason not to run yppasswd? (e.g. another known bug?)

Thanks,
Jiri Dvorak                  dvorak@iam.unibe.ch   or
Institute for Informatics    dvorak%iam.unibe.ch@relay.cs.net
University of Berne          UUCP: ..!uunet!mcvax!iam.unibe.ch!dvorak
Switzerland