Thus spake Eilon Gishri (eilonat_private):
> I found a couple of bugs in ffingerd 1.19 which are related to
> privacy.

OK. I would be happy if you emailed me (the author) first before publishing this on bugtraq. Next time, maybe.

[ffingerd assumes the user wants to be fingered if his home does not give public execute access]

This is documented in ffingerd. If you want ffingerd to look into protected homes, run it as root.

> -----
> (aristo)/cc/eilon>finger rootat_private
> [host.domain]
> That user does not want to be fingered
> -----
> Hmmm, now for an unknown user.
> -----
> (aristo)/cc/eilon>finger root1at_private
> [host.domain]
> That user does not want to be fingered.
> -----
> Oops. Notice the dot ('.') at the end of the sentence. A very simple
> and efficient way to find whether the user exists on the remote host
> or not (taking into account the fact that ffingerd has been installed
> on the remote host).

This was pointed out to me yesterday. I fixed it today (before I saw this message, by the way), and announced version 1.20 on Freshmeat pointing out this fixed problem. Did you see my announcement and then post to bugtraq?

> --- ffingerd.c.old Thu Feb 18 12:50:36 1999
> +++ ffingerd.c Fri Apr 23 18:48:54 1999
> @@ -134,7 +134,7 @@
> setgid(pwd->pw_gid);
> setuid(pwd->pw_uid);
> sprintf(filename,"%.200s/.nofinger",pwd->pw_dir);
> - if (lstat(filename,&stat_buf)) {
> + if((lstat(filename,&stat_buf) == -1) && (errno == ENOENT)) {
> #ifndef NO_SYSLOG
> #ifdef FASCIST_LOGGING
> char message[512];

This is debatable. If a user wants privacy, he should remove the world readable permission, not the world executable permission. I will not add this right now but will think it over. If anyone wants to comment on the way to go here, feel free to email me. I would prefer discussing this in private email rather than on bugtraq, but if you must, I will also read bugtraq comments.
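Review bot: the new condition reads errno after lstat(), so ffingerd.c must have `#include <errno.h>`; this hunk does not add it, so confirm it is already included or the build breaks. The rewritten test fails closed for every failure other than ENOENT (EACCES on a home without search permission, ELOOP, ENOTDIR), which is the point of the change, but a user whose home directory is missing altogether also yields ENOENT and is still reported as fingerable. Because the outcome of this lstat() now gates a privacy decision, the unchecked setgid()/setuid() calls two lines above deserve the same care: if either fails, the probe runs with the daemon's own privileges, and that should be treated as an error rather than as an answer.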
> @@ -154,7 +154,7 @@
> dump_file(filename,"Public key:","No public key.");
> } else {
> char message[512];
> - puts("That user does not want to be fingered");
> + puts("That user does not want to be fingered.");
> #ifndef NO_SYSLOG
> sprintf(message,"attempt to finger \"%.200s\" from %.200s\n",pwd->pw_name,remote);
> syslog(LOG_FACILITY,"%s",message);

This has already been fixed.

Felix
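Review bot: this fix only holds while the string stays byte-for-byte identical to the one printed for an unknown user; a one-character divergence is exactly the oracle reported above. Put the text in a single constant used by both paths, e.g. `#define NOFINGER_MSG "That user does not want to be fingered."`, and have both puts() calls use it so they cannot drift apart again. The syslog line below still records pwd->pw_name, which is fine because it never reaches the client.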
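As an added illustration of the two points in this exchange, the fail-closed .nofinger probe and the single refusal text for unknown and opted-out users, here is example code written for this page; it is not ffingerd's own source. The names decide_from_lstat, decide_for_home, client_response and the constructed home directory that demo() builds under /tmp are my own assumptions.

```c
#define _POSIX_C_SOURCE 200809L
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <string.h>
#include <sys/stat.h>
#include <unistd.h>

enum finger_decision { FINGER_ALLOW, FINGER_REFUSE };

/* One shared constant for both the "unknown user" and the "opted out"
 * answer, so the two paths cannot diverge by a stray '.' again. */
#define REFUSAL_MESSAGE "That user does not want to be fingered."

/* Pure decision logic, fed the return value of lstat() and errno.
 * Only a definite ENOENT means there is no .nofinger; a successful
 * lstat() means it exists, and any other failure (EACCES on a home
 * without search permission, ELOOP, ENOTDIR, ...) fails closed. */
enum finger_decision decide_from_lstat(int lstat_rc, int err)
{
    if (lstat_rc == 0)
        return FINGER_REFUSE;       /* .nofinger is present */
    if (err == ENOENT)
        return FINGER_ALLOW;        /* provably absent */
    return FINGER_REFUSE;           /* could not tell: refuse */
}

/* Probe "<home>/.nofinger" the way the patched ffingerd does and map
 * the result through decide_from_lstat(). The bounded snprintf stands
 * in for the original's sprintf("%.200s/.nofinger", ...). */
enum finger_decision decide_for_home(const char *home)
{
    char filename[512];
    struct stat st;
    snprintf(filename, sizeof filename, "%s/.nofinger", home);
    errno = 0;
    int rc = lstat(filename, &st);
    return decide_from_lstat(rc, errno);
}

/* What goes back over the wire. `known` is whether the account exists
 * (the getpwnam() result); an unknown account and an opted-out one
 * must produce identical bytes. */
const char *client_response(int known, enum finger_decision d)
{
    if (!known || d == FINGER_REFUSE)
        return REFUSAL_MESSAGE;
    return "(.plan, .project and public key would follow here)";
}

/* Exercise the probe against a constructed home directory under /tmp.
 * Returns 0 on success, 1 on a logic failure, -1 if the environment
 * (no writable /tmp) prevented the check. */
int demo(void)
{
    char home[128], nofinger[160];
    int ok = 1, fd;

    snprintf(home, sizeof home, "/tmp/nofinger-demo.%ld", (long)getpid());
    if (mkdir(home, 0700) != 0)
        return -1;
    snprintf(nofinger, sizeof nofinger, "%s/.nofinger", home);

    /* 1. empty home: .nofinger absent -> ENOENT -> fingerable */
    ok &= decide_for_home(home) == FINGER_ALLOW;

    /* 2. user opts out by creating the file */
    fd = open(nofinger, O_WRONLY | O_CREAT, 0600);
    if (fd >= 0)
        close(fd);
    ok &= decide_for_home(home) == FINGER_REFUSE;
    unlink(nofinger);

    /* 3. home without search permission: a non-root daemon gets EACCES
     *    and must fail closed (root bypasses the mode bits, so skip). */
    if (geteuid() != 0) {
        chmod(home, 0);
        ok &= decide_for_home(home) == FINGER_REFUSE;
        chmod(home, 0700);
    }
    rmdir(home);

    /* 4. unknown user and opted-out user are indistinguishable */
    ok &= strcmp(client_response(0, FINGER_ALLOW),
                 client_response(1, FINGER_REFUSE)) == 0;

    return ok ? 0 : 1;
}

int main(void)
{
    int rc = demo();
    printf("demo: %s\n", rc == 0 ? "ok" : rc < 0 ? "skipped" : "FAILED");
    return rc > 0;
}
```

Run it as an unprivileged user to see all three filesystem cases; as root the EACCES case is skipped because the kernel ignores mode bits for uid 0, which is also why the message above says to run ffingerd as root if it should see into protected homes.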
This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 14:43:39 PDT