[1178] in linux-security and linux-alert archive
Re: [linux-security] Cfinger (Yet more :)
daemon@ATHENA.MIT.EDU (David Holland)
Tue Sep 24 17:52:06 1996
From: David Holland <dholland@hcs.HARVARD.EDU>
To: gtaylor+linsec092096@picante.com (Grant Taylor)
Date: Mon, 23 Sep 1996 13:58:06 -0400 (EDT)
Cc: linux-security@tarsier.cv.nrao.edu
In-Reply-To: <199609201728.NAA20513@pace.picante.com> from "Grant Taylor" at Sep 20, 96 01:28:20 pm
> When I decided I needed a cluster-saavy finger daemon, I did rather
> the opposite. I looked at gnu/icsi fingerd, and my vendor's fingerd,
> and decided to write my own.
As have I, at least twice.
> My little fingerd is extremely simple, and is intended to be
> relatively secure while still returning who's where on my machines.
> Rather than trust cfinger or rehash the same idea, I took the easy way
> out - this fingerd reads information from /var/rwho.
Aside from the fact that the standard rwho protocol is a complete
loss, this isn't a bad idea. The only problem is that rwho doesn't
give last login information. This may or may not be an issue.
I wrote a better rwho system, and a finger system to go along with it,
for the local computer center a couple years ago. I'm working on
trying to shake loose permission to release it.
(Also, why the fuss about fingerd? fingerd is just a wrapper that runs
finger.)
--
- David A. Holland | Number of words in the English language that
dholland@hcs.harvard.edu | exist because of typos or misreadings: 381