From owner-freebsd-bugs Mon Oct 2 11:50: 6 2000 Delivered-To: freebsd-bugs@freebsd.org Received: from freefall.freebsd.org (freefall.FreeBSD.org [216.136.204.21]) by hub.freebsd.org (Postfix) with ESMTP id DB62837B66D for ; Mon, 2 Oct 2000 11:50:00 -0700 (PDT) Received: (from gnats@localhost) by freefall.freebsd.org (8.9.3/8.9.2) id LAA29748; Mon, 2 Oct 2000 11:50:00 -0700 (PDT) (envelope-from gnats@FreeBSD.org) Received: from berkeley.us.and.or.jp (berkeley.us.and.or.jp [210.136.4.34]) by hub.freebsd.org (Postfix) with ESMTP id 6FE1937B66D for ; Mon, 2 Oct 2000 11:42:04 -0700 (PDT) Received: (from sa2c@localhost) by berkeley.us.and.or.jp (8.11.0/8.11.0) id e92IfvX61007; Tue, 3 Oct 2000 03:41:57 +0900 (JST) (envelope-from sa2c) Message-Id: <200010021841.e92IfvX61007@berkeley.us.and.or.jp> Date: Tue, 3 Oct 2000 03:41:57 +0900 (JST) From: sa2c@and.or.jp Reply-To: sa2c@and.or.jp To: FreeBSD-gnats-submit@freebsd.org X-Send-Pr-Version: 3.2 Subject: bin/21704: enabling fingerd makes files world readable Sender: owner-freebsd-bugs@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org >Number: 21704 >Category: bin >Synopsis: enabling fingerd makes files world readable >Confidential: no >Severity: serious >Priority: medium >Responsible: freebsd-bugs >State: open >Quarter: >Keywords: >Date-Required: >Class: sw-bug >Submitter-Id: current-users >Arrival-Date: Mon Oct 02 11:50:00 PDT 2000 >Closed-Date: >Last-Modified: >Originator: NIIMI Satoshi >Release: FreeBSD 4.1.1-RELEASE i386 >Organization: >Environment: FreeBSD berkeley.us.and.or.jp 4.1.1-RELEASE FreeBSD 4.1.1-RELEASE #0: Wed Sep 27 00:28:17 JST 2000 sa2c@berkeley.us.and.or.jp:/usr/obj/usr/src/sys/GENERIC i386 >Description: If finger takes full path name as user name, it prints out contents of that file. Because fingerd executes finger as local information provider, finger /path/to/file@some.host prints /path/to/file at some.host. >How-To-Repeat: finger /path/to/file@some.host >Fix: Index: finger.c =================================================================== RCS file: /home/ncvs/src/usr.bin/finger/finger.c,v retrieving revision 1.15.2.3 diff -u -r1.15.2.3 finger.c --- finger.c 2000/09/15 21:51:00 1.15.2.3 +++ finger.c 2000/10/02 18:04:06 @@ -318,26 +318,19 @@ /* * Traverse the list of possible login names and check the login name - * and real name against the name specified by the user. If the name - * begins with a '/', try to read the file of that name instead of - * gathering the traditional finger information. + * and real name against the name specified by the user. */ if (mflag) for (p = argv; *p; ++p) { - if (**p != '/' || !show_text("", *p, "")) { - if (((pw = getpwnam(*p)) != NULL) && !hide(pw)) - enter_person(pw); - else - warnx("%s: no such user", *p); - } + if (((pw = getpwnam(*p)) != NULL) && !hide(pw)) + enter_person(pw); + else + warnx("%s: no such user", *p); } else { while ((pw = getpwent()) != NULL) { for (p = argv, ip = used; *p; ++p, ++ip) - if (**p == '/' && *ip != 1 - && show_text("", *p, "")) - *ip = 1; - else if (match(pw, *p) && !hide(pw)) { + if (match(pw, *p) && !hide(pw)) { enter_person(pw); *ip = 1; } >Release-Note: >Audit-Trail: >Unformatted: To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-bugs" in the body of the message