Re: securityhole /proc/sys/kernel/domainname

Christoph Lameter (clameter@miriam.fuller.edu)
Wed, 21 Feb 1996 05:47:06 -0800 (PST)


On Wed, 21 Feb 1996, Alan Cox wrote:

> > this file should not be world readable. As I understand the Yellow Pages the
> > domainname is a kind of password that allows NIS access.
>
> Its a 30 second job to break NIS without knowing the domainname. Security
> through obscurity is wrong. Use a firewall if you muse use NIS.
I do. But users still can access the UNIX system level on our machines on
Campus. A password is also obscurity.