Re: Ffingerd privacy issues

From: Dagmar d'Surreal (dagmarat_private)
Date: Fri Apr 23 1999 - 13:46:59 PDT


    As to the matter of the home directories being
    world-readable/executable...
    
    Having the finger daemon assume that there is no .nofinger file because
    the home directory in question is not readable, but still executable,
    breaks a few things.  On multi-user machines, some users will be extremely
    paranoid, and will not wish to use anything BUT mode 700, because having
    the directory world-executable will allow other users on the system to
    detect the presence of certain files in their directory (like .rhosts,
    .forward, .procmailrc, .pinerc) that may allow them to launch attacks at
    that particular user, knowing that there's a good chance that the user
    uses a vulnerable package, and quite possibly even the last time they used
    it depending on the file.
    
    After seeing the post on freshmeat, it occurred to me that I had forgotten
    to email Felix the patch for 1.18 that took care of the punctuation as
    well as a few other issues, and I now notice that I sent him the wrong
    version of the patch this morning anyway.  (A version which did not have
    the directory mode issue fixed, but at least my binary has been working
    all this time thankfully.)  Eilon Gishri dealt with it a lot more
    elegantly than I did anyway.  ;)
    
    Attached is a patch which applies to the 1.20 version of Fefe's Finger
    Daemon, which includes both Eilon Gishri's patches to deal with paranoid
    users whose home directories are mode 700 (the punctuation problem had
    already been fixed in 1.20), and my misdirection patches that
    add the .fakefinger (lets users control exactly what will be returned
    when they are fingered) file use, and the /etc/ffingerd.empty and
    /etc/ffingerd.indirect files which allow a sysadmin to change what kind of
    message is sent to people when they try indirect or empty finger queries
    without having to edit the source and recompile the daemon.
    
    ----------
    Unsolicited commercial email sent to this address will be forwarded to
    uceat_private, or responded to late in the evening after I've been clubbing
    long enough to be fairly drunk, and at least twice as verbally abusive.
    
    [Attachment: ffingerd-1.20p2.patch.gz, base64-encoded gzip]
    
    H4sICLTAIDcCA2ZmaW5nZXJkLTEuMjBwMi5wYXRjaACdVm1z0zgQ/ox/xU5u
    jrQ4ceOkpSRQJr3SltxwaacpwzCU6Si2XOtqW0aSyWWA++23KzuvJBSuHxpr
    Ze3L8zy7ciiiCJqFGkIUieyOq7Dpe+3W3vD03WjVlLet0Wk2mxvefXSmBBzn
    CtodaB322u3evg9+t9t1XNfd6Gj5hN/p7Xd6/tPyRL8PTb/RAddvdKHfd1w8
    5UOkZAp03nEBTkUiMzgXOkYnLzit+kwJbaRnWOGxwBPJS1A8l8rwEBjkSo4T
    ngKwLIScmSCGSCpylTPFMilCKDRXGibCxBDLlEMoFA+MVIJrSGXI4bDVgjHH
    SqDIGHoDI+kQmJiTIy+TZZkQiYR7AK/YXcoUhPVRoRRnCbwIraUf6tLgSXX3
    ElgYYoozJxG755UbSnWGnMfT3Ez35kuRlemBzI2QmfYc17HozHDyuw4AXGMl
    TMNrNuZGwwtjl/3YLr089zRfQclMcwkio2TmkckNV0oqSLnW7A7RmMRccXw9
    FVoTHKE0MJFFEoIuxiaZwp34jPsTNgUR4XuErBNuUdq8pGffyWSxtUF1i81H
    13EBf7IMoAttv3ew3/NbpKTDjdpbOreqwM7BigL3/YaPGsQfFB+qEDyd478s
    chBVZmxRWDnCkVH5LDOkhzECZ/3z0HG90Wv4azB6Nbg6PbkeXAwd91IJFIBA
    iFB9wDPDlWEiS/EJPrOk4I1KhilixxItIS8MIrgsC1IXkuS4yJJQVqsNqxWB
    FAcSfWaGdJwklI2O5SSjzIhTxVNpeJk60pwnLOAgo1J8hS5QoyLDzFJGovJI
    P+hhqg12DgtTkWGHKWZIC7P8gphhVtb7XB8aM3BcDEDSyrRtlLlgKVMrZpjJ
    3BhaaxhPIcC2MCQpKhKRZSnhuMdNsLfaCdbNqn0WoUxb88rHTTRIC21uoiuE
    w3ExQGibF6Mty5xynEh17wGSjLydDd6cjvDx8tJp/rs37+0G4AJxy8oHJf/G
    iOVzMb7nU8ddf3nB3ENnG1sKWrdbAMos/3h7jkm+i3m2KERoUEWWEYqMxDmW
    YQkXW9NszLBLseYEe5z/w4MCpZFzZbsap6vmxqo0RoelyMxKnAA7jtwEMQ/u
    aSbgtnKaZt4cMYZnhP8cECLByteUE4SS0rpA4aB462VWdssjdf+Sn5neMeOA
    WzZLz+gYpahnbi1qx2+vX19cUTOzsqMfnE3B9jES/Gg2BWv3ot/tdbrb78XN
    53A2tQ56+92l27Gz3zjE+9H+0GwCYutOhDv5JGy+zCe3+Lz7vLIXS/Zibs+V
    yEy0QzBSmzVqv2MOLb1Qb60xO4QyxENNoGm+k2jDzOLYY1rejotodxe+0A1G
    72x/CY6OMP1dePwYdvBWySQZTocXp8Nr6wB+E1EW8giGF7ej96M3F+fWRJaz
    49HJYHR9i7bzwfCcigAaP/OL6cOB3/74vATooAQIf55VAAGERZrfUk5LRV8W
    40QEgN3XqzVqQ5q3M4NXK5H6BjzBafJla8Am2XFO653az90M1rMLP2RhMTbW
    eXC31YIF/EL8TUgvp1TV2KhV85l8VBP7psryplZ+bVSrbJGpTai8bUoQga6R
    RN7tYJzbs+OTwZvB9XusVtcaVaDdkrm2/5SYa/uHc2nT3xjn9n3l6Vv5Q0L7
    VHA1/YAAfCQd1ft10lCzPFIyMpJK4WSd4PectHjoIqfvncWFVBVFrvBTb8HN
    Msi1zZO5ZkH/XyG2wb+BgHU3M0KQ6hL5dRYsKo2rFfh/noBOyxLQ8ecEENJP
    PuVGHR3V9+q2d5/s0Nr1d9H0rg5fv8KyZVLHZrbLo/bzdQ9Qr/bc9a3WnL0H
    uFv5fviOuK202WMPcLbV9U/3y6aPm4ohy87Vr7bFf8DAXnmkDQAA
    
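The mode 700 versus mode 711 point above is easy to get wrong in a daemon that runs as an unprivileged user, so here is an added example (my own code, not ffingerd's, nor any of the patches discussed in the thread) of a fail-closed .nofinger lookup. It stats ~/.nofinger by its full path, which needs only search (x) permission on the home directory, and treats EACCES (what a mode 700 home produces for anyone but the owner) as "cannot tell, so deny" rather than as "no such file". It also includes a small probe showing what a mode 711 home leaks: any local user can test for well-known filenames without being able to list the directory. Function names, the sandbox directory under /tmp and the filenames created in it are all my own constructions.

```c
#define _XOPEN_SOURCE 700
#define _DEFAULT_SOURCE
/*
 * Added example, not ffingerd's own code: fail-closed handling of
 * ~/.nofinger when the finger daemon cannot search the home directory.
 */
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/stat.h>
#include <unistd.h>

enum finger_policy { FINGER_ALLOW = 0, FINGER_DENY = 1 };

/* Turn stat()'s outcome into a policy.  ENOENT/ENOTDIR mean the marker
 * really is absent; anything else (EACCES from a mode 700 home, ELOOP,
 * ...) means we could not look, so assume the user asked not to be
 * fingered rather than silently exposing them. */
enum finger_policy policy_from_stat(int stat_rc, int stat_errno)
{
    if (stat_rc == 0)
        return FINGER_DENY;              /* .nofinger exists */
    switch (stat_errno) {
    case ENOENT:
    case ENOTDIR:
        return FINGER_ALLOW;             /* definitely no .nofinger */
    default:
        return FINGER_DENY;              /* could not tell: fail closed */
    }
}

/* stat the marker by full path.  This needs x (search) but not r on the
 * home directory, so a mode 711 home works; a mode 700 home gives EACCES
 * to an unprivileged daemon and therefore FINGER_DENY. */
enum finger_policy nofinger_policy(const char *home)
{
    char path[4096];
    struct stat st;
    int rc;

    if (snprintf(path, sizeof path, "%s/.nofinger", home) >= (int)sizeof path)
        return FINGER_DENY;              /* path too long: fail closed */
    errno = 0;
    rc = stat(path, &st);
    return policy_from_stat(rc, errno);
}

/* What a mode 711 home leaks: existence of well-known files can be
 * probed with access(2) even though readdir(3) is refused.  Fills
 * found[i] with 1 if names[i] exists; returns how many were found. */
int probe_known_files(const char *home, const char *const *names, int n,
                      int *found)
{
    char path[4096];
    int hits = 0;

    for (int i = 0; i < n; i++) {
        snprintf(path, sizeof path, "%s/%s", home, names[i]);
        found[i] = (access(path, F_OK) == 0);
        hits += found[i];
    }
    return hits;
}

/* Constructed sandbox: a throwaway mode 711 "home" under /tmp.  Returns a
 * bitmask so the behaviour can be asserted on:
 *   bit 0: .nofinger present  -> FINGER_DENY
 *   bit 1: .nofinger removed  -> FINGER_ALLOW
 *   bit 2: .forward found, .rhosts not, via the non-listable directory */
int demo_sandbox(void)
{
    char tmpl[] = "/tmp/ffinger-demo-XXXXXX";
    char p[4200];
    const char *names[] = { ".rhosts", ".forward" };
    int found[2], fd, result = 0;
    char *home = mkdtemp(tmpl);

    if (!home)
        return -1;
    chmod(home, 0711);

    snprintf(p, sizeof p, "%s/.nofinger", home);
    if ((fd = open(p, O_WRONLY | O_CREAT, 0600)) >= 0) close(fd);
    if (nofinger_policy(home) == FINGER_DENY) result |= 1;
    unlink(p);
    if (nofinger_policy(home) == FINGER_ALLOW) result |= 2;

    snprintf(p, sizeof p, "%s/.forward", home);
    if ((fd = open(p, O_WRONLY | O_CREAT, 0600)) >= 0) close(fd);
    if (probe_known_files(home, names, 2, found) == 1 && found[1]) result |= 4;
    unlink(p);
    rmdir(home);
    return result;
}

int main(int argc, char **argv)
{
    if (argc > 1) {      /* e.g. ./a.out /home/alice, run as the daemon's uid */
        printf("%s: %s\n", argv[1],
               nofinger_policy(argv[1]) == FINGER_DENY ? "deny" : "allow");
        return 0;
    }
    printf("sandbox result bitmask: %d (expect 7)\n", demo_sandbox());
    return 0;
}
```

Run it as the uid the daemon drops to against a real home directory to see the difference: a mode 711 home answers "allow" or "deny" from the marker, a mode 700 home answers "deny" because the lookup fails with EACCES. The sandbox run always reports 7 because the process owns the directory it creates.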



    This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 14:43:51 PDT