From owner-freebsd-security Sun May 5 10:14:48 1996 Return-Path: owner-security Received: (from root@localhost) by freefall.freebsd.org (8.7.3/8.7.3) id KAA27397 for security-outgoing; Sun, 5 May 1996 10:14:48 -0700 (PDT) Received: from teamos2.org (teamos2.org [205.233.74.98]) by freefall.freebsd.org (8.7.3/8.7.3) with ESMTP id KAA27392 for ; Sun, 5 May 1996 10:14:45 -0700 (PDT) Received: from localhost (james@localhost) by teamos2.org (8.7.5/8.7.3) with SMTP id NAA17762; Sun, 5 May 1996 13:14:19 -0400 (EDT) Date: Sun, 5 May 1996 13:14:18 -0400 (EDT) From: James FitzGibbon To: Nathan Lawson cc: nash@mcs.com, security@FreeBSD.ORG Subject: Re: dot.cshrc and weird umask value In-Reply-To: <199605051602.JAA20318@kdat.calpoly.edu> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-security@FreeBSD.ORG X-Loop: FreeBSD.org Precedence: bulk On Sun, 5 May 1996, Nathan Lawson wrote: > Unfortunately, this solution does not scale well to an enterprise-wide > network as your groups file grows ever larger. Remember it's not hashed like > the pwd.db, and that's reason enough for me to have modified adduser to not > support that scheme. I agree 100%, but there are a number of things that need to be done to FreeBSD (or any OS) to make it perform well and be secure in an enterprise environment. Any good sysadmin will have a checklist to take FreeBSD from it's distributed form to an enterprise server, and this should definately be on it (preferably before the section where you create your users) 8-) -- j. ---------------------------------------------------------------------------- | James FitzGibbon james@teamos2.org | | TeamOS/2 Online admin Voice/Fax : 416 410-0100 | ----------------------------------------------------------------------------