This is the README for finger.1.04.N.bs.tar.gz [Download] [Browse] [Up]
This archive contains version 1.04 of the sources, executables and man
pages for replacements of the finger and finger daemon supplied by
NeXT.
WARNING: Versions of this package prior to version 1.04 contain a
potential security problem which could allow local users unauthorized
access to local files. This hole has been removed in this release.
Every user of an earlier version if _very_ strongly encouraged to
upgrade which should imply nothing more than a 'make install' while
logged in as root.
Why switch ?
------------
1. The supplied finger and fingerd are based upon the BSD network
release 2 sources, not the antediluvian ones used by NeXT. This means
that the output format will in general be more pleasant, compact and
complete that the rather grungy one used by the NeXT supplied finger.
2. This finger/fingerd combination has been modified to understand
executable .plan, .project and .forward files. Instead of being
displayed these files will be executed if their execute bit is set.
This allows you to greatly and easily customize your responses upon
being fingered. Possibilities which come to mind are fortune cookies,
chained fingers to other hosts, or simply alerting you to the fact
that you've been fingered.
This solution for the same problem has at least three advantages over
the commonly used one of named pipes.
a) Named pipes require a constantly running daemon process
b) This solution also works if the home directories are NFS
mounted
c) NeXT doesn't support named pipes.
3. In addition, my modified finger daemon reliably finds the host name
of the fingerer and also the user name of the fingerer if the remote
site supports the RFC931 user authentication protocol. The executable
.plan, .project and .forward files will receive the Internet address
of the fingerer as their first argument.
4. Despite these additions the binaries of the modified finger and
fingerd are only half the size of the unmodified ones.
Installation
------------
The complete sources for both finger and fingerd are in this archive.
To recompile fingerd however requires the authuser library which is
freely available in the nidentd2.0.tar.Z package available from all
major NeXT ftp sites.
Fingerd can be installed anywhere, though /usr/local/etc seems like a
good place. Finger must be installed in /usr/local/bin as its path is
hardcoded into fingerd. Finger should be installed set-uid root. To
enable the new fingerd, you have to modify /etc/inetd.conf. An
unmodified inetd.conf should contain a line like this:
finger stream tcp nowait nobody /usr/etc/fingerd fingerd
Change this to:
finger stream tcp nowait root /usr/local/etc/fingerd fingerd
Now, to have these changes take effect
% kill -HUP <pid of inetd>
or simply reboot.
If you are very security conscious, you can also install the modified
finger without set-uid root and the keep the "nobody" in the
/etc/inetd.conf file, but you will lose the ability to execute files
from finger.
The man pages for this distribution have been typeset using the new
nroff macros from the BSD network release 2 which means that the
standard NeXT man will not understand them. You can either get the new
macros from ftp.uu.net:/packages/bsd-sources or use the pre-formatted
man pages in this archive.
Warnin
-------
The .plan and .project files are only read by finger, so you can of
course put whatever binary you want there. But the .forward file is
also used by sendmail and placing a random binary there might look
cute when you are fingered, but might seriously confuse sendmail. As a
matter of fact, if anybody finds reasonable use for having an
executable .forward file, I'd be grateful if he lets me know about it.
If you have any other questions regarding these programs, feel free to
email me. If you want to have see how the modified finger looks and
what it can do try fingering cedman@714-725-3165.nts.uci.edu.
Carl Edman
<cedman@golem.ps.uci.edu>
These are the contents of the former NiCE NeXT User Group NeXTSTEP/OpenStep software archive, currently hosted by Netfuture.ch.