|
----- Forwarded message from sa2c@and.or.jp -----
From: sa2c@and.or.jp
To: FreeBSD-gnats-submit@freebsd.org
Subject: bin/21704: enabling fingerd makes files world readable
>Number: 21704
>Category: bin
>Synopsis: enabling fingerd makes files world readable
>Confidential: no
>Severity: serious
>Priority: medium
>Responsible: freebsd-bugs
>State: open
>Quarter:
>Keywords:
>Date-Required:
>Class: sw-bug
>Submitter-Id: current-users
>Arrival-Date: Mon Oct 02 11:50:00 PDT 2000
>Closed-Date:
>Last-Modified:
>Originator: NIIMI Satoshi
>Release: FreeBSD 4.1.1-RELEASE i386
>Organization:
>Environment:
FreeBSD berkeley.us.and.or.jp 4.1.1-RELEASE FreeBSD 4.1.1-RELEASE #0: Wed Sep 27
00:28:17 JST 2000 sa2c@berkeley.us.and.or.jp:/usr/obj/usr/src/sys/GENERIC i386
>Description:
If finger takes full path name as user name, it prints out contents of
that file. Because fingerd executes finger as local information
provider, finger /path/to/file@some.host prints /path/to/file at
some.host.
>How-To-Repeat:
finger /path/to/file@some.host
>Fix:
Index: finger.c
===================================================================
RCS file: /home/ncvs/src/usr.bin/finger/finger.c,v
retrieving revision 1.15.2.3
diff -u -r1.15.2.3 finger.c
--- finger.c 2000/09/15 21:51:00 1.15.2.3
+++ finger.c 2000/10/02 18:04:06
@@ -318,26 +318,19 @@
/*
* Traverse the list of possible login names and check the login name
- * and real name against the name specified by the user. If the name
- * begins with a '/', try to read the file of that name instead of
- * gathering the traditional finger information.
+ * and real name against the name specified by the user.
*/
if (mflag)
for (p = argv; *p; ++p) {
- if (**p != '/' || !show_text("", *p, "")) {
- if (((pw = getpwnam(*p)) != NULL) && !hide(pw))
- enter_person(pw);
- else
- warnx("%s: no such user", *p);
- }
+ if (((pw = getpwnam(*p)) != NULL) && !hide(pw))
+ enter_person(pw);
+ else
+ warnx("%s: no such user", *p);
}
else {
while ((pw = getpwent()) != NULL) {
for (p = argv, ip = used; *p; ++p, ++ip)
- if (**p == '/' && *ip != 1
- && show_text("", *p, ""))
- *ip = 1;
- else if (match(pw, *p) && !hide(pw)) {
+ if (match(pw, *p) && !hide(pw)) {
enter_person(pw);
*ip = 1;
}
>Release-Note:
>Audit-Trail:
>Unformatted:
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-bugs" in the body of the message
----- End forwarded message -----
--
* Fido: 2:480/124 ** WWW: http://www.freebsd.lublin.pl ** NIC-HDL: PMF9-RIPE *
* Inet: venglin@freebsd.lublin.pl ** PGP: D48684904685DF43 EA93AFA13BE170BF *
|
