Comment 7 for bug 499425
Revision history for this message
| Christoph (christoph-pleger-cs) wrote Re: [Bug 499425] Re: getpwnam shows shadow passwords of NIS users | #7 |
© 2004
Canonical Ltd.
•
Terms of use
•
Data privacy
•
Contact Launchpad Support
•
Blog
•
Careers
•
System status
•
bbfa235
(Get the code!)
Hello,
> Great, thanks for forwarding it. Can you link to the upstream bug so
> this bug will track it?
The link is:
http://
> As to the "Wishlist", glibc nis support has always been broken, and
> having access to encrypted passwords has been a known problem for a
> long time. It seems that the passwd.
> things is new, and as such, a feature request, really. (i.e. no new
> hole, regression, etc.) This shouldn't be seen as lack of interest or
> anything -- this is a great way for NIS to be more secure finally. :)
As far as I know, this is not true. In glibc, the NIS shadow password
feature was introduced in libc6, the corresponding NIS map was called
shadow.byname. Sun Microsystems, the inventor of NIS, does not use a map
shadow.byname, they are using passwd.
So, it seems that some glibc developers failed to take over an existing
standard.
Regards
Christoph