Path: utzoo!utgpu!news-server.csri.toronto.edu!mailrus!cs.utexas.edu!rice!sun-spots-request
From: sgf@cfm.brown.edu (Sam Fulcomer)
Newsgroups: comp.sys.sun
Subject: DNS & YP...
Keywords: Networks
Message-ID: <5816@brazos.Rice.edu>
Date: 15 Mar 90 19:09:22 GMT
Sender: news@rice.edu
Organization: Sun-Spots
Lines: 14
Approved: Sun-Spots@rice.edu
X-Sun-Spots-Digest: Volume 9, Issue 87, message 1

One of the problems, ahh... projects I'm working on now is ripping the
guts out of the YP code to make it work properly. Not only is it one of
the ugliest lumbering warthog pieces of code I've ever seen, it's a
heinous security hole in any domain that runs ypserv on a machine that's
accessible over the net.

ypserv happily hands out passwd files to anyone who asks for them. No
programming hacks are required. If you run ypserv, make sure that the
ypserver machine has no default route set (and don't run it on your
gateway).  I would think that well-known machines like sun.com would know
better...

sgf@cfm.brown.edu
"I solemnly swear not to divulge trade secrets that I didn't ever not know."