Date: Tue, 9 Feb 1999 20:53:41 -0800 From: Gregory Sutter <gsutter@pobox.com> To: Greg Lehey <grog@lemis.com> Cc: Matthew Hunt <mph@pobox.com>, freebsd-questions@FreeBSD.ORG Subject: Re: finger Message-ID: <19990209205341.A10604@orcrist.mediacity.com> In-Reply-To: <19990210150256.I71962@freebie.lemis.com>; from Greg Lehey on Wed, Feb 10, 1999 at 03:02:57PM %2B1030 References: <XFMail.990210113213.keith@apcs.com.au> <Pine.BSF.4.05.9902092011100.388-100000@nyc-ny69-14.ix.netcom.com> <19990209190356.A7841@orcrist.mediacity.com> <19990210135059.G71962@freebie.lemis.com> <19990209194213.A89829@wopr.caltech.edu> <19990210150256.I71962@freebie.lemis.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Wed, Feb 10, 1999 at 03:02:57PM +1030, Greg Lehey wrote: > On Tuesday, 9 February 1999 at 19:42:13 -0800, Matthew Hunt wrote: > > On Wed, Feb 10, 1999 at 01:50:59PM +1030, Greg Lehey wrote: > > > >> How can you know it's a finger from root? > > > > Check the EUID in hide() in src/usr.bin/finger/util.c; in inetd.conf, > > run fingerd as nobody (which is the default). > > > > (I don't think anybody's expecting "finger @localhost" by root to > > recognize your rootfulness.) > > Hmm. These may be Greg's wishes, in which case that's OK. But that's > not the purpose of finger. There are other tools to look at users on > localhost; the normal use of finger is across the network, and this > hack doesn't work there. To you, the normal use of finger may be across the network. But how can you speak for everybody? You certainly don't speak for finger.1, which says: DESCRIPTION The finger displays information about the system users. ...and goes on, toward the end, to finally mention: Finger may be used to look up users on a remote machine. The format is to specify a user as ``user@host''... I don't consider this a hack, as it should be possible for the superuser to finger every user on the system should (s)he wish to do so. Greg -- Gregory S. Sutter Computing is a terminal addiction. mailto:gsutter@pobox.com http://www.pobox.com/~gsutter/ PGP DSS public key 0x40AE3052 To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?19990209205341.A10604>