Bugtraq mailing list archives

Re: Ffingerd privacy issues

From: dagmar () EDGE NET (Dagmar d'Surreal)
Date: Fri, 23 Apr 1999 15:46:59 -0500


  This message is in MIME format.  The first part should be readable text,
  while the remaining parts are likely unreadable without MIME-aware tools.
  Send mail to mime () docserver cac washington edu for more info.

--655616-928515508-924899312=:6094
Content-Type: TEXT/PLAIN; CHARSET=US-ASCII
Content-ID: <UnknownMailer.9904231534401.6120 () think kung foo>

As to the matter of the home directories being
world-readable/executeable...

Having the finger daemon assume that there is no .nofinger file because
the home directory in question is not readable, but still executeable,
breaks a few things.  On multi-user machines, some users will be extremely
paranoid, and will not wish to use anything BUT mode 700, because having
the directory world-executeable will allow other users on the system to
detect the presence of certain files in their directory (like .rhosts,
.forward, .promcail, .pinerc) that may allow them to launch attacks at
that particular user, knowing that there's a good chance that the user
uses a vulnerable package, and quite possibly even the last time they used
it depending on the file.

After seeing the post on freshmeat, it occurred to me that I had forgotten
to email Felix the patch for 1.18 that took care of the punctuation as
well as a few other issues, and I now notice that I sent him the wrong
version of the patch this morning anyway.  (A version which did not have
the directory mode issue fixed, but at least my binary has been working
all this time thankfully.)  Eilon Gishri dealt with it a lot more
elegantly than I did anyway.  ;)

Attached is a patch which applies to the 1.20 version of Fefe's Finger
Daemon, which includes both Eilon Gishri's patches to deal with paranoid
users whose home directories are mode 700 (the punctuation problem had
already been fixed in 1.20), and my misdirection patches that
add the .fakefinger (lets users controly exactly what will be returned
when they are fingered) file use, and the /etc/ffingerd.empty and
/etc/ffingerd.indirect files which allow a sysadmin to change what kind of
message is sent to people when they try indirect or empty finger queries
without having to edit the source and recompile the daemon.

----------
Unsolicited commercial email sent to this address will be forwarded to
uce () ftc gov, or responded to late in the evening after I've been clubbing
long enough to be fairly drunk, and at least twice as verbally abusive.

--655616-928515508-924899312=:6094
Content-Type: APPLICATION/OCTET-STREAM; NAME="ffingerd-1.20p2.patch.gz"
Content-Transfer-Encoding: BASE64
Content-ID: <UnknownMailer.9904231528320.6094 () think kung foo>
Content-Description:
Content-Disposition: ATTACHMENT; FILENAME="ffingerd-1.20p2.patch.gz"

H4sICLTAIDcCA2ZmaW5nZXJkLTEuMjBwMi5wYXRjaACdVm1z0zgQ/ox/xU5u
jrQ4ceOkpSRQJr3SltxwaacpwzCU6Si2XOtqW0aSyWWA++23KzuvJBSuHxpr
Ze3L8zy7ciiiCJqFGkIUieyOq7Dpe+3W3vD03WjVlLet0Wk2mxvefXSmBBzn
CtodaB322u3evg9+t9t1XNfd6Gj5hN/p7Xd6/tPyRL8PTb/RAddvdKHfd1w8
5UOkZAp03nEBTkUiMzgXOkYnLzit+kwJbaRnWOGxwBPJS1A8l8rwEBjkSo4T
ngKwLIScmSCGSCpylTPFMilCKDRXGibCxBDLlEMoFA+MVIJrSGXI4bDVgjHH
SqDIGHoDI+kQmJiTIy+TZZkQiYR7AK/YXcoUhPVRoRRnCbwIraUf6tLgSXX3
ElgYYoozJxG755UbSnWGnMfT3Ez35kuRlemBzI2QmfYc17HozHDyuw4AXGMl
TMNrNuZGwwtjl/3YLr089zRfQclMcwkio2TmkckNV0oqSLnW7A7RmMRccXw9
FVoTHKE0MJFFEoIuxiaZwp34jPsTNgUR4XuErBNuUdq8pGffyWSxtUF1i81H
13EBf7IMoAttv3ew3/NbpKTDjdpbOreqwM7BigL3/YaPGsQfFB+qEDyd478s
chBVZmxRWDnCkVH5LDOkhzECZ/3z0HG90Wv4azB6Nbg6PbkeXAwd91IJFIBA
iFB9wDPDlWEiS/EJPrOk4I1KhilixxItIS8MIrgsC1IXkuS4yJJQVqsNqxWB
FAcSfWaGdJwklI2O5SSjzIhTxVNpeJk60pwnLOAgo1J8hS5QoyLDzFJGovJI
P+hhqg12DgtTkWGHKWZIC7P8gphhVtb7XB8aM3BcDEDSyrRtlLlgKVMrZpjJ
3BhaaxhPIcC2MCQpKhKRZSnhuMdNsLfaCdbNqn0WoUxb88rHTTRIC21uoiuE
w3ExQGibF6Mty5xynEh17wGSjLydDd6cjvDx8tJp/rs37+0G4AJxy8oHJf/G
iOVzMb7nU8ddf3nB3ENnG1sKWrdbAMos/3h7jkm+i3m2KERoUEWWEYqMxDmW
YQkXW9NszLBLseYEe5z/w4MCpZFzZbsap6vmxqo0RoelyMxKnAA7jtwEMQ/u
aSbgtnKaZt4cMYZnhP8cECLByteUE4SS0rpA4aB462VWdssjdf+Sn5neMeOA
WzZLz+gYpahnbi1qx2+vX19cUTOzsqMfnE3B9jES/Gg2BWv3ot/tdbrb78XN
53A2tQ56+92l27Gz3zjE+9H+0GwCYutOhDv5JGy+zCe3+Lz7vLIXS/Zibs+V
yEy0QzBSmzVqv2MOLb1Qb60xO4QyxENNoGm+k2jDzOLYY1rejotodxe+0A1G
72x/CY6OMP1dePwYdvBWySQZTocXp8Nr6wB+E1EW8giGF7ej96M3F+fWRJaz
49HJYHR9i7bzwfCcigAaP/OL6cOB3/74vATooAQIf55VAAGERZrfUk5LRV8W
40QEgN3XqzVqQ5q3M4NXK5H6BjzBafJla8Am2XFO653az90M1rMLP2RhMTbW
eXC31YIF/EL8TUgvp1TV2KhV85l8VBP7psryplZ+bVSrbJGpTai8bUoQga6R
RN7tYJzbs+OTwZvB9XusVtcaVaDdkrm2/5SYa/uHc2nT3xjn9n3l6Vv5Q0L7
VHA1/YAAfCQd1ft10lCzPFIyMpJK4WSd4PectHjoIqfvncWFVBVFrvBTb8HN
Msi1zZO5ZkH/XyG2wb+BgHU3M0KQ6hL5dRYsKo2rFfh/noBOyxLQ8ecEENJP
PuVGHR3V9+q2d5/s0Nr1d9H0rg5fv8KyZVLHZrbLo/bzdQ9Qr/bc9a3WnL0H
uFv5fviOuK202WMPcLbV9U/3y6aPm4ohy87Vr7bFf8DAXnmkDQAA
--655616-928515508-924899312=:6094--

Current thread:

Re: Bash Bug Andy Church (Apr 21)
- Re: Bash Bug Guy Cohen (Apr 22)
  - WebShop advisory. Elaich Of Hhp (Apr 22)
  - cold fusion scanner hYP0[13/\r (Apr 22)
  - Re: Bash Bug Daniel Jacobowitz (Apr 22)
  - Final Call for Papers - CQRE [Secure] networking Detlef Hühnlein (Apr 23)
  - Ffingerd privacy issues Eilon Gishri (Apr 23)
    - Re: Ffingerd privacy issues Felix von Leitner (Apr 23)
    - Re: Ffingerd privacy issues Eilon Gishri (Apr 23)
    - Re: Ffingerd privacy issues Dagmar d'Surreal (Apr 23)
- Re: Bash Bug Ph. Rueegsegger (Apr 23)
- <Possible follow-ups>
- Re: Bash Bug Henrik Nordstrom (Apr 22)