Date: Thu, 9 Aug 2001 10:55:02 +0400 From: Yar Tikhiy <yar@FreeBSD.ORG> To: Warner Losh <imp@harmony.village.org> Cc: hackers@FreeBSD.ORG, security@FreeBSD.ORG Subject: Re: finger/fingerd & home directory permissions Message-ID: <20010809105502.A92333@comp.chem.msu.su> In-Reply-To: <200108090629.f796TX127642@harmony.village.org>; from imp@harmony.village.org on Thu, Aug 09, 2001 at 12:29:33AM -0600 References: <20010809020831.B44660@comp.chem.msu.su> <200108090629.f796TX127642@harmony.village.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On Thu, Aug 09, 2001 at 12:29:33AM -0600, Warner Losh wrote: > In message <20010809020831.B44660@comp.chem.msu.su> Yar Tikhiy writes: > : The issue I'd like to submit to discussion is what way to choose: > : a) Add a command-line option to finger(1) and fingerd(8) telling > : them not to reveal user information if the user's homedir is > : protected. > : b) Similar to a), but hide such users by default. > : c) Don't bother at all :-) > > d) $HOME/.nofinger It's just an equivalent of c) ;-) The top part of my message, which you skipped, I was speaking of the case when finger(1) couldn't access the home directory of a user and see the ".nofinger" file because of restrictive permission bits set on the directory. -- Yar To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20010809105502.A92333>