[2551] in bugtraq
Re: SunOS 4.1.4 fingerd
daemon@ATHENA.MIT.EDU (Steve Coleman - SEWP)
Fri May 17 12:39:23 1996
Date: Fri, 17 May 1996 12:08:01 -0400
Reply-To: Bugtraq List <BUGTRAQ@NETSPACE.ORG>
From: Steve Coleman - SEWP <scoleman@sewp.nasa.gov>
To: Multiple recipients of list BUGTRAQ <BUGTRAQ@NETSPACE.ORG>
In-Reply-To: (Your message of Fri, 17 May 1996 09:53:17 +0300.)
<199605170653.JAA26983@voxopm.minedu.fi>
Excerpts from what Niko Makila said:
|But, actually I recall that this was originally a feature: you could
|finger people by their room number (or was that phone?), too. Seeing
|that this probably never worked except in Berkeley, it's amazing that
|that piece of code was never removed. Oh well, maybe it isn't that
|amazing after all...
|
| //niko
I believe that the feature was to scan the login name field and if a match
was not found to scan the gecos field for any partial information it could
match on. Is it possible that the '.' and '@' are just forms of a regular
expression or wildcard matching? If so then how many other wildcards are
there to grep the password file?
Steve Coleman -- scoleman@sewp.nasa.gov
vox: 301.286.7636 fax: 301.286.1619
