NIS Linux - Ubuntu

Lowell Gilbert freebsd-questions-local at
Wed Dec 26 18:10:08 PST 2007

Chad Perrin <perrin at> writes:

> On Thu, Dec 20, 2007 at 09:32:50AM -0500, Lowell Gilbert wrote:
>> RA Cohen <roy2098 at> writes:
>> > I am sorry, here is an addendum to my previous post:
>> >
>> >>>Somehow Ubuntu was given root user
>> >  permissions<<
>> >
>> > Actually, upon rereading my notes, Ubuntu was only given permissions of the user doing the login - not root - but we could login with any valid user apparently FreeBSD thought it was presented with a wildcard password.
>> >
>> > And I can also verify that FreeBSD clients are able to use the password map when x is used instead of * in the map to represent the password. So I can secure the system using the x but still cannot get Ubuntu clients to authenticate.
>> Sounds like Ubuntu is using the wrong map, probably one where it's
>> getting a different and empty field where it expects to find a password.
> The behavior with an asterisk instead of an X is pretty worrisome,
> however, and is not strictly Ubuntu's fault.  Security of a server should
> not rely on the good will and competence of the client developers.

I agree with the latter sentence, but not the former.  
When using NFS (without Kerberos), it is built into the protocol that
the server trusts the client on the UID/GID.  
That is a good reason not to use NFS in an untrusted environment, but
there really isn't anything FreeBSD can do about it.

More information about the freebsd-questions mailing list