Date: Sat, 28 Jul 2001 15:51:59 +0400 From: Yar Tikhiy <yar@freebsd.org> To: audit@freebsd.org Subject: finger(1) & fingerd(8) Message-ID: <20010728155159.A35483@snark.rinet.ru>
Hi, Currently, finger(1) reveals user information if the user has created the ``.nofinger'' file, but his home directory is unreadable for finger(1). In the case of local access, it's no problem, since anyone may read /etc/passwd directly. OTOH, letting remote folks peek at user information even if the user wants to hide himself is a bad thing. Therefore, a patch is proposed that adds an option telling finger(1) fingerd(1) not to show users whose home directories are unreadable. Another way is not to do the bad thing by default. Any comments? -- Yar Index: finger/finger.c =================================================================== RCS file: /home/ncvs/src/usr.bin/finger/finger.c,v retrieving revision 1.24 diff -u -r1.24 finger.c --- finger/finger.c 2001/03/21 18:43:49 1.24 +++ finger/finger.c 2001/07/28 11:33:16 @@ -88,7 +88,7 @@ DB *db; time_t now; -int entries, lflag, mflag, pplan, sflag, oflag, Tflag; +int entries, lflag, mflag, pplan, sflag, oflag, Hflag, Tflag; int d_first = -1; char tbuf[1024]; @@ -105,7 +105,7 @@ optind = 1; /* reset getopt */ - while ((ch = getopt(argc, argv, "lmpshoT")) != -1) + while ((ch = getopt(argc, argv, "lmpshoHT")) != -1) switch(ch) { case 'l': lflag = 1; /* long format */ @@ -125,6 +125,9 @@ case 'o': oflag = 1; /* office info */ break; + case 'H': + Hflag = 1; /* hide if home unreadable */ + break; case 'T': Tflag = 1; /* disable T/TCP */ break; @@ -139,7 +142,7 @@ static void usage() { - (void)fprintf(stderr, "usage: finger [-lmpshoT] [login ...]\n"); + (void)fprintf(stderr, "usage: finger [-lmpshoHT] [login ...]\n"); exit(1); } Index: finger/pathnames.h =================================================================== RCS file: /home/ncvs/src/usr.bin/finger/pathnames.h,v retrieving revision 1.4 diff -u -r1.4 pathnames.h --- finger/pathnames.h 2001/01/04 10:03:44 1.4 +++ finger/pathnames.h 2001/07/28 11:33:16 
@@ -29,6 +29,7 @@ #ifndef PATHNAMES_H #define _PATH_FORWARD ".forward" +#define _PATH_NOFINGER ".nofinger" #define _PATH_PLAN ".plan" #define _PATH_PROJECT ".project" #define _PATH_PUBKEY ".pubkey" Index: finger/util.c =================================================================== RCS file: /home/ncvs/src/usr.bin/finger/util.c,v retrieving revision 1.13 diff -u -r1.13 util.c --- finger/util.c 2001/03/01 05:52:38 1.13 +++ finger/util.c 2001/07/28 11:33:16 @@ -57,7 +57,10 @@ #include <unistd.h> #include <utmp.h> #include "finger.h" +#include "pathnames.h" +extern int Hflag; + static void find_idle_and_ttywrite __P((WHERE *)); static void userinfo __P((PERSON *, struct passwd *)); static WHERE *walloc __P((PERSON *)); @@ -415,8 +418,11 @@ if (!pw->pw_dir) return 0; + + if (Hflag && access(pw->pw_dir, R_OK) == -1) + return 1; - snprintf(buf, sizeof(buf), "%s/.nofinger", pw->pw_dir); + snprintf(buf, sizeof(buf), "%s/%s", pw->pw_dir, _PATH_NOFINGER); if (access(buf, F_OK) == 0) return 1; Index: fingerd/fingerd.c =================================================================== RCS file: /home/ncvs/src/libexec/fingerd/fingerd.c,v retrieving revision 1.17 diff -u -r1.17 fingerd.c --- fingerd/fingerd.c 2001/01/20 00:29:31 1.17 +++ fingerd/fingerd.c 2001/07/28 11:33:16 @@ -73,16 +73,16 @@ register int ch; register char *lp; struct sockaddr_storage ss; - int p[2], logging, secure, sval; + int p[2], hideprotected, logging, secure, sval; #define ENTRIES 50 - char **ap, *av[ENTRIES + 1], **comp, line[1024], *prog; + char **ap, *av[ENTRIES + 1], **avlast, **comp, line[1024], *prog; char rhost[MAXHOSTNAMELEN]; prog = _PATH_FINGER; - logging = secure = 0; + hideprotected = logging = secure = 0; openlog("fingerd", LOG_PID | LOG_CONS, LOG_DAEMON); opterr = 0; - while ((ch = getopt(argc, argv, "slp:")) != -1) + while ((ch = getopt(argc, argv, "slp:H")) != -1) switch (ch) { case 'l': logging = 1; 
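Review bot: The `extern int Hflag;` added at the top of util.c (hunk at -57) declares the flag by hand in the file that uses it, so the compiler never checks it against the definition in finger.c. finger.h is included here but not shown in the patch; if the other option flags are declared there, `extern int Hflag;` belongs next to them so both files share one declaration.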
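Review bot: The new `access(pw->pw_dir, R_OK)` test in the util.c hunk at -415 checks read permission on the home directory, but the `.nofinger` lookup that follows depends on search (execute) permission instead. A home that is searchable but not readable (mode 0711, say) is hidden under -H even though `.nofinger` can be checked there. A home that is readable but not searchable passes the new test, then `access(buf, F_OK)` fails with EACCES and the code appears to fall through to showing the user. Failing closed on the lookup itself covers both cases: `if (access(buf, F_OK) == 0 || (Hflag && errno != ENOENT)) return 1;`, which needs `<errno.h>` if util.c does not already include it. The enclosing function starts and ends outside the hunk, so the fall-through behaviour should be confirmed there.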
@@ -93,6 +93,9 @@ case 's': secure = 1; break; + case 'H': + hideprotected = 1; + break; case '?': default: logerr("illegal option -- %c", optopt); @@ -140,12 +143,15 @@ syslog(LOG_NOTICE, "query from %s: `%s'", rhost, t); } - comp = &av[1]; - av[2] = "--"; - for (lp = line, ap = &av[3];;) { + avlast = &av[1]; + comp = avlast++; + if (hideprotected) + *avlast++ = "-H"; + *avlast++ = "--"; + for (lp = line, ap = avlast;;) { *ap = strtok(lp, " \t\r\n"); if (!*ap) { - if (secure && ap == &av[3]) { + if (secure && ap == avlast) { puts("must provide username\r\n"); exit(1); } To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-audit" in the body of the message
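Review bot: With `-H` set, the tokens parsed from the network line start one slot later in `av[]`, which still has `ENTRIES + 1` elements (fingerd.c hunk at -140). The loop's upper-bound check lies below the end of this hunk, so confirm it compares `ap` against the end of the array rather than assuming the arguments begin at `av[3]`. `-H` is also passed to whatever program `prog` names, so an alternate finger program selected with `-p` (presumably) that does not accept the flag would fail on every query; fingerd(8) should say so. Placing `-H` before `--` is correct, since it keeps remote-supplied tokens from being read as options.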