Date: Fri, 26 Jan 1996 20:34:36 GMT
From: Kimmo Suominen <kim(_at_)tac(_dot_)nyc(_dot_)ny(_dot_)us>
To: procmail(_at_)Informatik(_dot_)RWTH-Aachen(_dot_)DE
Subject: Re: How do you stop finger displaying contents of .fowrawd?!
On Thu, 25 Jan 1996, David Pesticcio wrote:
Have a problem with finger. Is it finger that is broken or the permisions
on the file?
Make sure your finger binary is not setuid root (it does not
need to be) and that your fingerd is not run as root by inetd.
If you are not the administrator of your system, ask your admin
to check these for you.
There is no need to run finger as root, and some older fingers
have security holes that won't be that bad if run as nobody, or
some other harmless uid.
It is set as below,
paradigm:~> grep finger /etc/inetd.conf
finger stream tcp nowait daemon /usr/sbin/tcpd /usr/sbin/in.fingerd
paradigm:~> ls -l .forward
-rwx------ 1 davidp users 80 Jan 25 23:40 .forward*
So what's the deal? User daemon settings are,
daemon:*:2:2:daemon:/sbin:
If finger is not run as root, it won't be able to read files
that are protected properly. Some might call this a bug, I call
it a feature (a user now has control over what is displayed by
modifying the protections on .plan, .project and .forward).
Yes, this is how I have it on my other accounts, so I must be missing
something on this system.
--
Davd Pesticcio e:
davidp(_at_)paradigm(_dot_)celtic(_dot_)co(_dot_)uk
Systems Paradigm t: +44 (0)1222 798230 / 383383
System Administrator f: +44 (0)1222 798230 / 383383
`The only stupid question is the unasked one.' - Linux NET-2/NET-3 HOWTO