From owner-freebsd-audit Sat Jul 28 4:52: 7 2001 Delivered-To: freebsd-audit@freebsd.org Received: from snark.rinet.ru (snark.rinet.ru [195.54.192.73]) by hub.freebsd.org (Postfix) with ESMTP id A015337B403 for ; Sat, 28 Jul 2001 04:52:00 -0700 (PDT) (envelope-from yar@snark.rinet.ru) Received: (from yar@localhost) by snark.rinet.ru (8.11.4/8.11.4) id f6SBpxX35807 for audit@freebsd.org; Sat, 28 Jul 2001 15:51:59 +0400 (MSD) (envelope-from yar) Date: Sat, 28 Jul 2001 15:51:59 +0400 From: Yar Tikhiy To: audit@freebsd.org Subject: finger(1) & fingerd(8) Message-ID: <20010728155159.A35483@snark.rinet.ru> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5i Sender: owner-freebsd-audit@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG Hi, Currently, finger(1) reveals user information if the user has created the ``.nofinger'' file, but his home directory is unreadable for finger(1). In the case of local access, it's no problem, since anyone may read /etc/passwd directly. OTOH, letting remote folks peek at user information even if the user wants to hide himself is a bad thing. Therefore, a patch is proposed that adds an option telling finger(1) fingerd(1) not to show users whose home directories are unreadable. Another way is not to do the bad thing by default. Any comments? -- Yar Index: finger/finger.c =================================================================== RCS file: /home/ncvs/src/usr.bin/finger/finger.c,v retrieving revision 1.24 diff -u -r1.24 finger.c --- finger/finger.c 2001/03/21 18:43:49 1.24 +++ finger/finger.c 2001/07/28 11:33:16 @@ -88,7 +88,7 @@ DB *db; time_t now; -int entries, lflag, mflag, pplan, sflag, oflag, Tflag; +int entries, lflag, mflag, pplan, sflag, oflag, Hflag, Tflag; int d_first = -1; char tbuf[1024]; @@ -105,7 +105,7 @@ optind = 1; /* reset getopt */ - while ((ch = getopt(argc, argv, "lmpshoT")) != -1) + while ((ch = getopt(argc, argv, "lmpshoHT")) != -1) switch(ch) { case 'l': lflag = 1; /* long format */ @@ -125,6 +125,9 @@ case 'o': oflag = 1; /* office info */ break; + case 'H': + Hflag = 1; /* hide if home unreadable */ + break; case 'T': Tflag = 1; /* disable T/TCP */ break; @@ -139,7 +142,7 @@ static void usage() { - (void)fprintf(stderr, "usage: finger [-lmpshoT] [login ...]\n"); + (void)fprintf(stderr, "usage: finger [-lmpshoHT] [login ...]\n"); exit(1); } Index: finger/pathnames.h =================================================================== RCS file: /home/ncvs/src/usr.bin/finger/pathnames.h,v retrieving revision 1.4 diff -u -r1.4 pathnames.h --- finger/pathnames.h 2001/01/04 10:03:44 1.4 +++ finger/pathnames.h 2001/07/28 11:33:16 @@ -29,6 +29,7 @@ #ifndef PATHNAMES_H #define _PATH_FORWARD ".forward" +#define _PATH_NOFINGER ".nofinger" #define _PATH_PLAN ".plan" #define _PATH_PROJECT ".project" #define _PATH_PUBKEY ".pubkey" Index: finger/util.c =================================================================== RCS file: /home/ncvs/src/usr.bin/finger/util.c,v retrieving revision 1.13 diff -u -r1.13 util.c --- finger/util.c 2001/03/01 05:52:38 1.13 +++ finger/util.c 2001/07/28 11:33:16 @@ -57,7 +57,10 @@ #include #include #include "finger.h" +#include "pathnames.h" +extern int Hflag; + static void find_idle_and_ttywrite __P((WHERE *)); static void userinfo __P((PERSON *, struct passwd *)); static WHERE *walloc __P((PERSON *)); @@ -415,8 +418,11 @@ if (!pw->pw_dir) return 0; + + if (Hflag && access(pw->pw_dir, R_OK) == -1) + return 1; - snprintf(buf, sizeof(buf), "%s/.nofinger", pw->pw_dir); + snprintf(buf, sizeof(buf), "%s/%s", pw->pw_dir, _PATH_NOFINGER); if (access(buf, F_OK) == 0) return 1; Index: fingerd/fingerd.c =================================================================== RCS file: /home/ncvs/src/libexec/fingerd/fingerd.c,v retrieving revision 1.17 diff -u -r1.17 fingerd.c --- fingerd/fingerd.c 2001/01/20 00:29:31 1.17 +++ fingerd/fingerd.c 2001/07/28 11:33:16 @@ -73,16 +73,16 @@ register int ch; register char *lp; struct sockaddr_storage ss; - int p[2], logging, secure, sval; + int p[2], hideprotected, logging, secure, sval; #define ENTRIES 50 - char **ap, *av[ENTRIES + 1], **comp, line[1024], *prog; + char **ap, *av[ENTRIES + 1], **avlast, **comp, line[1024], *prog; char rhost[MAXHOSTNAMELEN]; prog = _PATH_FINGER; - logging = secure = 0; + hideprotected = logging = secure = 0; openlog("fingerd", LOG_PID | LOG_CONS, LOG_DAEMON); opterr = 0; - while ((ch = getopt(argc, argv, "slp:")) != -1) + while ((ch = getopt(argc, argv, "slp:H")) != -1) switch (ch) { case 'l': logging = 1; @@ -93,6 +93,9 @@ case 's': secure = 1; break; + case 'H': + hideprotected = 1; + break; case '?': default: logerr("illegal option -- %c", optopt); @@ -140,12 +143,15 @@ syslog(LOG_NOTICE, "query from %s: `%s'", rhost, t); } - comp = &av[1]; - av[2] = "--"; - for (lp = line, ap = &av[3];;) { + avlast = &av[1]; + comp = avlast++; + if (hideprotected) + *avlast++ = "-H"; + *avlast++ = "--"; + for (lp = line, ap = avlast;;) { *ap = strtok(lp, " \t\r\n"); if (!*ap) { - if (secure && ap == &av[3]) { + if (secure && ap == avlast) { puts("must provide username\r\n"); exit(1); } To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-audit" in the body of the message