Operating system security is provided by gates that users must pass through before entering the operating system environment, and permission matrixes that determine what they are able to do once inside. In some contexts, secure RPC passwords have been referred to as network passwords.
The overall system is composed of four gates and two permission matrixes:
Entering the secure RPC gate requires presentation of a secure RPC password. Your secure RPC password and your login password normally are identical. When that is the case, you are passed through the gate automatically without having to re-enter your password. (In some contexts, secure RPC passwords have been referred to as network passwords. See Secure RPC Password versus Login Password for information about handling two passwords that are not identical.)
A set of credentials is used to automatically pass your requests through the secure RPC gate. The process of generating, presenting, and validating your credentials is called authentication because it confirms who you are and that you have a valid secure RPC password. This authentication process is automatically performed every time you request NIS+ service.
In an NIS+ environment running in NIS-compatibility mode, the protection provided by the secure RPC gate is significantly weakened because everyone has read rights for all NIS+ objects and modify rights for those entries that apply to them regardless of whether or not they have a valid credential (that is, regardless of whether or not the authentication process has confirmed their identity and validated their secure RPC password). Because this situation allows anyone to have read rights for all NIS+ objects and modify rights for those entries that apply to them, an NIS+ network running in compatibility mode is less secure than one running in normal mode. (In secure RPC terminology, any user without a valid credential is considered a member of the nobody class. See Authorization Classes for a description of the four classes.)
For details on how to administer NIS+ authentication and credentials, see Administering NIS+ Credentials.
For details on NIS+ permissions and authorization, see Administering NIS+ Access Rights.