[OpenAFS] passwd synchro

[Sam Hartman]

>>>>> "Jan" == Jan Hrabe <hrabe@balrog.aecom.yu.edu> writes:


    Jan> AFS is then used for authentication integrated into logins
    Jan> via PAM. That way, the commands such as ls -l show
    Jan> human-readable (meaning not just a number) user and group but
    Jan> the inherently insecure NIS distribution of passwords is
    Jan> eliminated.

Or rather is replaced with an inherently insecure distribution of user
data.  I'm not convinced that distribution of uid, shell and home
directory is significantly less of a security risk than distribution
of password in many environments.  I think an extended discussion of
this here would be off-topic, but I just wanted to point out that
passwords is not the only weakness of NIS.