(RUIP) of the Finger (or Name) protocol, specified in RFC 1288.
The Finger protocol provides a remote interface to programs which display information on system status and individual users. The protocol imposes little structure on the format of the exchange between client and server. The client provides a single command line to the fingerd server which normally returns a friendly human-oriented status report listing the users of the system at the moment, or an in-depth report of information about a particular user.
fingerd is designed to be started by inetd(8), which is normally configured to start fingerd when a client opens a connection to TCP port #79. fingerd reads a single ASCII carriage-return and linefeed terminated command line from the client. fingerd uses an access control file (see below) to see if user listings from the originating host (and optionally the originating user) are permitted, and what permissions are granted to the client host (and user). If user listings are allowed, and if the request specifies a user-name, fingerd checks to see if that user-name is listed in a users file (see below). If the requested user name is listed in the users file then the program specified for that user-name is run. Otherwise the finger(1) program is run with the appropriate options. Output from whichever program is run is passed back to the client.
/etc).
syslog(3) at LOG_NOTICE priority using the LOG_DAEMON facility.
~/.plan or ~/.project files in ``long'' listings.
finger(1). The program must be specified by its fully qualified pathname.
/etc/fingerd.motd.
/etc/fingerd.acl. The format of the file is:
client-user@[. client-host-name ] permission
fingerd attempts to match the remote user's name (if available from an ``ident'' query, and if specified) and the remote host's name with what is in the access file. If a match is found, ``permission'' is used to process the request. Both the ``client-user'' and the ``client-host-name'' can either be literal strings or wildcard expressions (a la sh(1) ``glob'' patterns). The first line to match the request is the one used to set the permissions.
The value of ``permission'' must be one of the following:
~/.plan, etc. files (same as -p).
Command line options set the global defaults and cannot be reset with the access file, but access file permissions allow specific refinement of options.
/etc/fingerd.users. The format of the file is:
name program[ args ...]
Lines beginning with ``#'' are ignored.
The value of ``name'' is the user-name to match against. This must be a literal match; wildcards and regular expressions are not accepted. The remainder of the line, ``program[ args ...]'', should consist of the full pathname of the program to run and the arguments you wish to give it. If you specify ``%U'' anywhere it will be replaced with the remote user's name. If you specify ``%H'' it will be replaced with the remote host's name. To pass a literal ``%'' to a command you can prepend it with another ``%''.
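A defensive reading of the users-file rules above, written as an added example that is not part of fingerd or its manual: it parses the ``name program[ args ...]'' format (assuming whitespace-separated fields and that the first entry for a name wins), enforces the literal-name and fully-qualified-pathname rules, expands %U, %H and %% within each token, and returns an argv list for direct execution so that the remote user and host names gathered from the network are never handed to a shell. The sample file contents are constructed for the example.

```python
import os

# Constructed sample /etc/fingerd.users contents (not from a real system).
SAMPLE_USERS_FILE = """\
# comment lines are ignored
help    /usr/local/libexec/finger-help %U %H
status  /usr/local/libexec/status --pct=100%% --from=%H
"""

def parse_users_file(text):
    """Map each literal user-name to its [program, args...] token list.
    Assumption: fields are whitespace separated; '#' lines are ignored."""
    table = {}
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        fields = line.split()
        if len(fields) < 2:
            raise ValueError("malformed users line: %r" % raw)
        name, program = fields[0], fields[1]
        if not os.path.isabs(program):
            # manual: the program must be given by its fully qualified pathname
            raise ValueError("program for %r is not an absolute path: %s" % (name, program))
        table.setdefault(name, fields[1:])   # first entry for a name wins (assumption)
    return table

def expand(token, remote_user, remote_host):
    """Replace %U, %H and %% inside one token; any other '%' is kept literally (assumption)."""
    out, i = [], 0
    while i < len(token):
        pair = token[i:i + 2]
        if pair == "%U":
            out.append(remote_user); i += 2
        elif pair == "%H":
            out.append(remote_host); i += 2
        elif pair == "%%":
            out.append("%"); i += 2
        else:
            out.append(token[i]); i += 1
    return "".join(out)

def build_argv(table, name, remote_user, remote_host):
    """Literal name match only (no wildcards, no regexps). Returns an argv list
    suitable for execve(); substituted network values stay single arguments."""
    if name not in table:
        return None
    return [expand(t, remote_user, remote_host) for t in table[name]]

SAMPLE_TABLE = parse_users_file(SAMPLE_USERS_FILE)
```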
/etc/fingerd.motd
/etc/fingerd.acl
/etc/fingerd.users
finger(1), inetd(8), syslog(8)
Zimmerman, David, The Finger User Information Protocol, RFC 1288, Center for Discrete Mathematics and Theoretical Computer Science, Rutgers University, December 1990.
This version of fingerd is known separately as ``$Name: $''.
<shanzer@foobar.com> all comments and suggestions are welcome!
Thanks to Kevin Ruddy <smiles@powerdog.com> for the wildcard library.
Thanks to Kelly DeYoe <kelly@nine.org> for the patches (the nomatch code) and suggestions.
Thanks to Wietse Venema <wietse@wzv.win.tue.nl> for the rfc931 code.
Thanks to Christine Flemming <jones@csh.rit.edu> for helping with the manual page.
Greg A. Woods <woods@planix.com> did a major re-write, improving the error handling and implementing more options, as well as translating the manual to mdoc(7) format.
``%H'' and ``%U'' in the ``users'' file is pretty primitive and broken.
On some systems (at least SunOS 4.1.3) inetd(8) only passes a maximum of four (4) command line options to the daemon it runs, so you should condense command line options. So instead of using ``fingerd -f -s -l -u'' use ``fingerd -fslu''.
Trusting and similar ``ident'' protocol results is a silly thing to do, especially for hosts you don't directly control.
There should be some way to return only the very minimum required amount of information, i.e. the user's full name (as per RFC 1288 Section 3.2.3). The combination of -S and -g comes close, but still reveals the user's login terminal, time, and idleness with most implementations of finger.
RFC 1288 suggests that the ``user list'' feature be disabled to avoid giving away potentially sensitive information about the users of a system. Similarly, it is recommended that the -m option be used to prevent finger from attempting to find a matching user name. Administrators can also prevent the display of user office locations and phone numbers by using the -g option.
RFC 1288 suggests that RUIP (Remote User Information Program) servers should not send the contents of ``user information files'' and this can be prevented on most systems by using the -p option.
The ability to execute arbitrary programs is very dangerous and should be used only with great care, especially since it's also possible to pass information gathered from the network to these programs.