unix password sync problems!

[Dan Stromberg]

> *Can* root change an NIS password remotely without plaintext
> knowledge of the old password ?

That was part of my question.

I got less lazy and dug through some rpc.yppasswdd sources.

It looks to me like the only cleartext password that gets passed, is the
old one, not the new one.  Sigh.

So yes it can be done, but not in an acceptable amount of time with
the-usual-onc-rpc-based-password-changing-protocol.

Or more practically: It'd almost certainly require replacing one
rpc.yppasswdd (or similar) and all /usr/bin/yppasswd's.