> also concerning NIS and shadows is that root on any machine(does not have to be yours) connected to the network can retrieve the hashed shadow file over NIS. a very grave security flaw. Also, this is totally not true. They have to be connected to the network, know your NIS domain name, _and_ be spoofing as a machine on your network, or _directly_ on whatever subnet you've added to your securenets file. Gabe -- ------------------------------------------------------------------------ Gabe Turner gabe at msi.umn.edu SGI Origin Systems Administrator, University of Minnesota Supercomputing Institute for Digital Simulation and Advanced Computation www.msi.umn.edu ------------------------------------------------------------------------