[Next] [Previous] [Up] [Top] [Contents]
21.3 NIS+
21.3.4 Authorization and Authentication
NIS+ authorization allows four classes of principals:
- owner of the object
- group set of specified users
- world set of authenticated users
- nobody all clients
and four access rights:
- read read contents of objects
- modify change objects
- create add objects to tables and directories
- destroy remove objects from tables and directories
Authentication is based on secure RPC. Solaris 2 supports three levels:
- none no authentication
- LOCAL AUTH_SYS RPC authentication
- DES AUTH_DES Secure RPC
DES authentication is the most secure, but if you are running with Secure RPC you will not be able to mount files from servers not running Secure RPC (i.e. SunOS 4.X servers).
Authentication is performed for every NIS+ request. If credentials can not be confirmed the client is treated as nobody.
Unix System Administration - 8 AUG 1996
[Next] [Previous] [Up] [Top] [Contents]