Use reserved port only when required for NIS look-ups

[Thorsten Kukuk]

On Sat, Aug 11, Carlos O'Donell wrote:

> On Fri, Aug 10, 2012 at 9:22 AM, Honza Horak <hhorak@redhat.com> wrote:

> > NIS server is able to be "secured" with a configuration, where administrator
> > marks some maps as "secure" (basically maps with passwords) and only
> > connections form a reserved port are served in that case. So if we used
> > non-reserved ports for all look-ups, some of them wouldn't be served.
> 
> I've never seen a "secured map," out of curiosity how does someone set one up?

Beside the ypserv.conf Kalle already wrote:
Solaris "secures" out of the box without any configuration the
passwd.adjunct maps. They are only accessible if the request is
coming from a privileged port.
On linux, the shadow.* maps are also "secured" in that way, even
without config file.

  Thorsten

-- 
Thorsten Kukuk, Project Manager/Release Manager SLES
SUSE LINUX Products GmbH, Maxfeldstr. 5, D-90409 Nuernberg
GF: Jeff Hawn, Jennifer Guild, Felix Imendörffer, HRB 16746 (AG Nürnberg)