Date:      Wed, 8 Aug 2001 16:35:02 -0600 (MDT)
From:      David G Andersen <danderse@cs.utah.edu>
To:        yar@FreeBSD.ORG (Yar Tikhiy)
Cc:        hackers@FreeBSD.ORG, security@FreeBSD.ORG
Subject:   Re: finger/fingerd & home directory permissions
Message-ID:  <200108082235.f78MZ2p10632@faith.cs.utah.edu>
In-Reply-To: <20010809020831.B44660@comp.chem.msu.su> from "Yar Tikhiy" at Aug 09, 2001 02:08:31 AM

Lo and behold, Yar Tikhiy once said:
> 
> In the case of local access, it's no problem, since anyone may read
> /etc/passwd directly. OTOH, letting remote folks peek at user
> information even if the user wants to hide himself is a bad thing.
> 
> The issue I'd like to submit to discussion is what way to choose:
> 
> a) Add a command-line option to finger(1) and fingerd(8) telling
>    them not to reveal user information if the user's homedir is
>    protected.
> 
> b) Similar to a), but hide such users by default.
> 
> c) Don't bother at all :-)
> 
> Personally, I'd prefer b) since it's most secure and seems to break
> nothing. Do I overlook any complications?

  Yes - it breaks the semantics of the existing fingerds that
people are used to.  It's a gratuitous change with little benefit
that would simply confuse people who have a reasonable expectation
about what the default behavior of 'finger' should be.  Don't do (b).

  -Dave

-- 
work: dga@lcs.mit.edu                          me:  dga@pobox.com
      MIT Laboratory for Computer Science           http://www.angio.net/

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message
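The check that options (a) and (b) in the quoted proposal would add to fingerd, written out as an added example; this is not FreeBSD's finger(1)/fingerd(8) source and does not come from either poster. Two things are assumptions of this example rather than anything the thread settles: what "protected" means (here, the home directory grants neither read nor search permission to "other", so an unprivileged fingerd could not have read ~/.plan anyway), and that a missing or non-directory home is treated as protected when hiding is on, so a broken account fails closed. The hidden-user reply is deliberately the same text as the unknown-user reply, so a remote query cannot tell the two cases apart.

```c
#include <pwd.h>
#include <stdio.h>
#include <string.h>
#include <sys/stat.h>
#include <sys/types.h>

/*
 * Added example, not FreeBSD's finger(1)/fingerd(8) code.
 * ASSUMPTION: a home directory is "protected" when it grants neither read
 * nor search (execute) permission to "other", i.e. a remote, unprivileged
 * finger could not have read ~/.plan or ~/.project from it in any case.
 */
int homedir_is_protected(mode_t mode)
{
    return (mode & (S_IROTH | S_IXOTH)) == 0;
}

/*
 * Decide whether a user's entry may be shown. hide_protected stands for the
 * proposed command-line option (a); making it the compiled-in default gives
 * behaviour (b). ASSUMPTION: with hiding enabled, a home directory that is
 * missing or is not a directory is treated as protected (fail closed).
 */
int should_reveal_user(const char *homedir, int hide_protected)
{
    struct stat st;

    if (!hide_protected)
        return 1;                       /* existing behaviour: always show */
    if (homedir == NULL || stat(homedir, &st) != 0)
        return 0;
    if (!S_ISDIR(st.st_mode))
        return 0;
    return !homedir_is_protected(st.st_mode);
}

/*
 * Look a login name up in the passwd database and apply the policy.
 * Returns 1 if the entry was printed, 0 if it was hidden or unknown.
 * A hidden user gets exactly the reply an unknown user gets, so the
 * response does not confirm that the login name exists.
 */
int finger_user(const char *login, int hide_protected)
{
    struct passwd *pw = getpwnam(login);

    if (pw == NULL || !should_reveal_user(pw->pw_dir, hide_protected)) {
        printf("finger: %s: no such user\n", login);
        return 0;
    }
    printf("Login: %s\t\tName: %s\nDirectory: %s\tShell: %s\n",
           pw->pw_name, pw->pw_gecos, pw->pw_dir, pw->pw_shell);
    return 1;
}

/* Usage: ./finger-check [-p] login ...   (-p turns on the hide-protected policy) */
int main(int argc, char **argv)
{
    int hide = 0, i;

    for (i = 1; i < argc; i++) {
        if (strcmp(argv[i], "-p") == 0) {
            hide = 1;
            continue;
        }
        finger_user(argv[i], hide);
    }
    return 0;
}
```

Run it once without and once with `-p` against an account whose home directory is mode 0700 to see the difference the proposal makes; without `-p` the output is the entry as today's finger would show it, which is the point Dave's reply is defending.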
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200108082235.f78MZ2p10632>