Bugtraq mailing list archives
Re: Ffingerd privacy issues
From: leitner-bugtraq () MATH FU-BERLIN DE (Felix von Leitner)
Date: Fri, 23 Apr 1999 19:43:33 +0200
--RnlQjJ0d97Da+TV1 Content-Type: text/plain; charset=us-ascii Thus spake Eilon Gishri (eilon () aristo tau ac il):
I found a couple of bugs in ffingerd 1.19 which are related to privacy.
OK. I would be happy if you email me (the author) first before publishing this on bugtraq. Next time, maybe. [ffingerd assumes the user wants to be fingered if his home does not give public execute access] This is documented in ffingerd. If you want ffingerd to look into protected homes, run it as root.
----- (aristo)/cc/eilon>finger root@host.domain [host.domain] That user does not want to be fingered -----
Hmmm, now for an unknown user.
----- (aristo)/cc/eilon>finger root1@host.domain [host.domain] That user does not want to be fingered. -----
Oops. Notice the dot ('.') at the end of the sentence. A very simple and efficient way to find whether the user exists on the remote host or not (taking into account the fact that ffingerd has been installed on the remote host).
This has been pointed out to me yesterday. I fixed it today (before I saw this message, by the way), and announced version 1.20 on Freshmeat pointing out this fixed problem. Did you see my announcement and then posted to bugtraq?
--- ffingerd.c.old Thu Feb 18 12:50:36 1999 +++ ffingerd.c Fri Apr 23 18:48:54 1999 @@ -134,7 +134,7 @@ setgid(pwd->pw_gid); setuid(pwd->pw_uid); sprintf(filename,"%.200s/.nofinger",pwd->pw_dir); - if (lstat(filename,&stat_buf)) { + if((lstat(filename,&stat_buf) == -1) && (errno == ENOENT)) { #ifndef NO_SYSLOG #ifdef FASCIST_LOGGING char message[512];
This is debatable. If a user wants privacy, he should remove the world readable permission, not the world executable permission. I will not add this right now but think it over. If anyone wants to comment on the way to go here, feel free to email me. I would prefer discussion this in private email than on bugtraq, but if you must, I will also read bugtraq comments.
@@ -154,7 +154,7 @@ dump_file(filename,"Public key:","No public key."); } else { char message[512]; - puts("That user does not want to be fingered"); + puts("That user does not want to be fingered."); #ifndef NO_SYSLOG sprintf(message,"attempt to finger \"%.200s\" from %.200s\n",pwd->pw_name,remote); syslog(LOG_FACILITY,"%s",message);
This has already been fixed. Felix --RnlQjJ0d97Da+TV1 Content-Type: application/pgp-signature -----BEGIN PGP SIGNATURE----- Version: GnuPG v0.9.5 (GNU/Linux) Comment: For info see http://www.gnupg.org iQCVAwUBNyCxQx/Da1Yoy+f1AQFvLgQAi9C+FNkDsr9rKBVlPd92BBQa3/Zm5b3b GXF8djbQV3F1wWfMKSp7yQiBsF9RiTkVLYN19pn5VGWZ1jTtkGQLv8/9KICjd5v0 FQpjkaCm8tKmW0fKbQJxKDpP2Ij4UlDg3HHs+mU8k3JbU8614ke0iYuZHKbvzJKS kOzb9WC8taY= =NhDF -----END PGP SIGNATURE----- --RnlQjJ0d97Da+TV1--
Current thread:
- Re: Bash Bug Andy Church (Apr 21)
- Re: Bash Bug Guy Cohen (Apr 22)
- WebShop advisory. Elaich Of Hhp (Apr 22)
- cold fusion scanner hYP0[13/\r (Apr 22)
- Re: Bash Bug Daniel Jacobowitz (Apr 22)
- Final Call for Papers - CQRE [Secure] networking Detlef Hühnlein (Apr 23)
- Ffingerd privacy issues Eilon Gishri (Apr 23)
- Re: Ffingerd privacy issues Felix von Leitner (Apr 23)
- Re: Ffingerd privacy issues Eilon Gishri (Apr 23)
- Re: Ffingerd privacy issues Dagmar d'Surreal (Apr 23)
- Re: Bash Bug Guy Cohen (Apr 22)
- Re: Bash Bug Ph. Rueegsegger (Apr 23)
- <Possible follow-ups>
- Re: Bash Bug Henrik Nordstrom (Apr 22)