On Thu, 2021-10-28 at 10:41 -0400, Simo Sorce wrote:
On Thu, 2021-10-28 at 10:28 -0400, Frank Ch. Eigler wrote:
> Stephen John Smoogen <smooge(a)gmail.com> writes:
>
> > Mainly because it is the authentication service equivalent of
> > telnet**. Very simple to set up, very simple to use, and very
> > easy to
> > steal all the information about logins, users, and setups. [...]
>
> ... well, compared to what? LDAP commonly distributes crypttext
> passwords and databases with about the same amount of discernment
> and
> theft-enablement as ypserv. Plaintext as in telnet makes an
> appearance
> nowhere but with yppasswd, AFAIK, which is nonessential.
LDAP is normally deployed on a secure channel (TLS or GSSAPI), that
the
client can cryptographically check.
NIS is a clear text protocol that can be trivially MitMed to provide
arbitrary information to the target system.
Also generally LDAP *does not* in fact distribute passwords, most
systems use the LDAP Bind operation to test a password and the LDAP
server does *not* provide access to password hashes.
I thin k it is legitimate to question whether it is yet time to drop
this obsolete protocol (NIS) on backwards compatibility grounds.
But on security grounds it is indefensible, don't go there.
There's no question NIS has poor security, as bad a using a local
password plus shadow file anyway. People that use it must know
that. The valid use is company internal only, on systems whose
data is freely available to company personnel and where accounts
and groups info. isn't security critical.
It's been that way for many, many years ... it's no secret.
It's a pity NIS+ was such a pain to setup and use ... a bridge
to far IMHO ...
Ian