From owner-freebsd-hackers Wed Aug 8 15:24:41 2001
Delivered-To: freebsd-hackers@freebsd.org
Received: from mail.chem.msu.ru (mail.chem.msu.ru [195.208.208.19]) by hub.freebsd.org (Postfix) with ESMTP id 3A4A137B406; Wed, 8 Aug 2001 15:24:34 -0700 (PDT) (envelope-from yar@comp.chem.msu.su)
Received: from comp.chem.msu.su ([158.250.32.97]) by mail.chem.msu.ru with SMTP (Microsoft Exchange Internet Mail Service Version 5.5.2650.21) id NHPRWSXR; Thu, 9 Aug 2001 02:00:04 +0400
Received: (from yar@localhost) by comp.chem.msu.su (8.11.1/8.11.1) id f78M8W148715; Thu, 9 Aug 2001 02:08:32 +0400 (MSD) (envelope-from yar)
Date: Thu, 9 Aug 2001 02:08:31 +0400
From: Yar Tikhiy
To: hackers@freebsd.org, security@freebsd.org
Subject: finger/fingerd & home directory permissions
Message-ID: <20010809020831.B44660@comp.chem.msu.su>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
User-Agent: Mutt/1.2.5i
Sender: owner-freebsd-hackers@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG

Hello,

[I once sent this to -audit, but it was then pointed out]
[that it wasn't the right list for such a discussion]

Currently, finger(1) reveals user information if the user has created the ".nofinger" file but his home directory is unreadable to finger(1). In the case of local access, this is no problem, since anyone may read /etc/passwd directly. OTOH, letting remote folks peek at user information even when the user wants to hide himself is a bad thing.

The issue I'd like to submit for discussion is which way to choose:

a) Add a command-line option to finger(1) and fingerd(8) telling them not to reveal user information if the user's home directory is protected.

b) Similar to a), but hide such users by default.

c) Don't bother at all :-)

Personally, I'd prefer b) since it's the most secure and seems to break nothing. Do I overlook any complications?
-- 
Yar
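The decision the mail argues about, written out as an added example (not FreeBSD's finger(1)/fingerd(8) source; the function names `decide_visibility` and `user_is_hidden` are hypothetical): probing `~/.nofinger` has three outcomes, not two, and the current behaviour "fails open" on the third. Option b) corresponds to `hide_unreadable = 1`. The probe is only meaningful when the process is not root (as fingerd under inetd normally is not), since root never gets EACCES from access(2).

```c
#include <errno.h>
#include <stdio.h>
#include <unistd.h>

/* Result of probing a user's home directory for ".nofinger". */
enum visibility { VISIBLE = 0, HIDDEN = 1 };

/*
 * Pure decision logic, kept apart from the filesystem so it can be tested.
 * probe_rc / probe_errno are the return value and errno of access(2) on
 * "<homedir>/.nofinger".  hide_unreadable selects the policy from the mail:
 * non-zero = options a)/b) (hide when we cannot tell), zero = current code.
 * Assumption: the caller runs unprivileged, so EACCES can actually occur.
 */
int decide_visibility(int probe_rc, int probe_errno, int hide_unreadable)
{
    if (probe_rc == 0)
        return HIDDEN;             /* .nofinger exists: user opted out */
    if (probe_errno == ENOENT)
        return VISIBLE;            /* definitively no .nofinger */
    /* EACCES (e.g. mode 0700 home), ELOOP, ENOTDIR...: we cannot tell.
     * Current finger falls open here; the safer default fails closed. */
    return hide_unreadable ? HIDDEN : VISIBLE;
}

/* Probe the real filesystem for <homedir>/.nofinger and decide. */
int user_is_hidden(const char *homedir, int hide_unreadable)
{
    char path[4096];
    int rc;

    if (snprintf(path, sizeof path, "%s/.nofinger", homedir) >= (int)sizeof path)
        return hide_unreadable ? HIDDEN : VISIBLE;   /* oversized path: cannot tell */
    rc = access(path, F_OK);
    return decide_visibility(rc, rc == 0 ? 0 : errno, hide_unreadable);
}

int main(int argc, char **argv)
{
    /* Usage: ./nofinger /home/alice /home/bob ...  (run as a non-root user) */
    for (int i = 1; i < argc; i++)
        printf("%s: %s\n", argv[i],
               user_is_hidden(argv[i], 1) ? "hidden" : "visible");
    return 0;
}
```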