On 2019-09-09 20:06, Sam Hartman wrote: > It seems concerning to decrease the security of rpcbind to the NIS > level with no option for the user to request the higher level of > security.
You have a very good point here. Helped me to fully understand the situation > I do agree that fixing nis for stable is desirable. > My recommendation would be to: > > 1) Make this runtime configurable with an rpcbind command line option > rather than a compile time option. > The patche looks relatively simple to do that. I will prepare the patch and submit the new debdiff ASAP -- Josue
