On Wed, 29 Sep 1999, Richard L. Goerwitz wrote: > "Bauer, Rich" wrote: > > > > One of our systems administrators recently told us that Sun's fix for the > > TTSESSION vulnerability (running ttsession with DES) prohibits root from > > using CDE in an NISPLUS environment, and prohibits any user from using CDE > > in a stand-alone environment. Is there a patch forthcoming or some other > > work-around that doesn't have these limitations ? > > For us the key is that CDE is essentially useless in a stand-alone en- > vironment, or any environment in which NIS(+) is not being used. This > is certainly not how Sun intended the product to function. It does work without NIS/NIS+ (well sort of), it's just that you have to create an /etc/netid (see man netid for details) and /etc/publickey (man -s 4 publickey) files. However, certain applications (dtpad, dtmail, mailtool, and some others) still won't run. Also, I couldn't get a console root login to work under CDE either ... although some might consider this a plus. Now, I can't take credit for discovering this, that goes to Dan Astoorian who pointed this out to me in a related discussion. Also, Sun has issued the following bug id assoiciated with running ttsessoin with DES: 4272834
This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 15:06:22 PDT