Date: Thu, 21 Nov 2002 19:18:29 -0800 (PST) From: Jeff Jirsa <jeff@unixconsults.com> To: JacobRhoden <jrhoden@unimelb.edu.au> Cc: freebsd-questions@FreeBSD.ORG Subject: Re: enabling finger - why not? Message-ID: <20021121191500.Q5341-100000@boris.st.hmc.edu> In-Reply-To: <200211221358.42586.jrhoden@unimelb.edu.au>
next in thread | previous in thread | raw e-mail | index | archive | help
On Fri, 22 Nov 2002, JacobRhoden wrote: > Hi, > > I have a machine which has a number of users, and its a 'possibility' that > they could do something they shouldnt. What are the reasons which I may not > want finger enabled? > > (The machine has sendmail and httpd, so a DoS through the finger port is > probably not an issue) Finger is relatively safe. Most of the arguments for not allowing it involve privacy rather than security (I don't really like people knowing when I log in and out, if they need to bother me, there are better ways to track me down). It's possible a hole may be found in finger(d) in the future, but there are none at the moment, and haven't been any in the near past. There are some horrible holes in some of the old (g|c)fingerd programs that run on some of the linux and solaris boxes I've seen, but in general, the one in whichever version of bsd you're running should be more than safe. - Jeff Jirsa To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20021121191500.Q5341-100000>