Hesiod security

[KF <dotslash () snosoft com>]

does anyone know about spoofing hesiod requests or replys or anything of 
that nature?

Hesiod is supposed to only deal with non security sensitive data. Your 
user ID shell and home directory are determined by Hesiod... I would say 
at LEAST your uid should be concerned security sensitive. If you could 
spoof a reply for uid 0 I think you could take advantage of this.

I could be simply ignorant to the use of Hesiod ...

Definition of Hesiod:
Hesiod, developed by MIT Project Athena, is an information service built 
upon BIND. Its intent is similar to that of Sun's NIS: to furnish 
information about users, groups, network-accessible file systems, 
printcaps, and mail service throughout an installation. Aside from its 
use of BIND rather than separate server code another important 
difference between Hesiod and NIS is that Hesiod is not intended to deal 
with passwords and authentication, but only with data that are not 
security sensitive. Hesiod servers can be implemented by adding resource 
records to BIND servers; or they can be implemented as separate servers 
separately administered.

-KF