Path: utzoo!news-server.csri.toronto.edu!cs.utexas.edu!uunet!cbmvax!grr
From: grr@cbmvax.commodore.com (George Robbins)
Newsgroups: comp.unix.ultrix
Subject: Re: ENHANCED SECURITY ULTRIX 4.1
Message-ID: <19586@cbmvax.commodore.com>
Date: 7 Mar 91 03:15:17 GMT
References: <1991Mar6.212110.22576@mlb.semi.harris.com>
Reply-To: grr@cbmvax.commodore.com (George Robbins)
Organization: Commodore, West Chester, PA
Lines: 25

In article <1991Mar6.212110.22576@mlb.semi.harris.com> dcb@dave.mis.semi.harris.com (Dave Brillhart) writes:
> This weekend, we are are planning to enable the ENHANCED security features
> on our  2 5830's, a 5820, and a 5500.  Currently we are only using the
> standard BSD security [features?] with a seperate host file and passwd file
> on each (acutally 2 are trying to use YP). We are also planning to run BIND/
> Hesiod and Kerberos in an effort to use a secure single host file and single
> user authorization file for all systems.

I think you're real brave. Whoever thought that all unix security enhancements
could/should be controlled by a single variable of three states should be
taken out and shot...

> I'm sure this will be an interesting weekend. If anyone can save me a
> a few late night hours with tips/hints/suggestions/..., I'd appreciate it.

Well good luck.  I'd suggest getting it all working between a couple of
workstations and after you get all the bugs out, trying to switch over the
larger systems.  You're likely to get halfway done and then start finding
the real problems and have to decide to take the long walk back or let your
users suffer until your get it "working".

-- 
George Robbins - now working for,     uucp:   {uunet|pyramid|rutgers}!cbmvax!grr
but no way officially representing:   domain: grr@cbmvax.commodore.com
Commodore, Engineering Department     phone:  215-431-9349 (only by moonlite)