[prev in list] [next in list] [prev in thread] [next in thread]
List: busybox
Subject: Re: Finger applet?
From: walter harms <wharms () bfs ! de>
Date: 2006-04-30 14:30:17
Message-ID: 4454C9F9.4060809 () bfs ! de
[Download RAW message or body]
of cause this does not work work (my kmem if also 600).
the point is that you can play games with .plan and .project
that were used to confuse unsuspecting users.
computers are much saver now but i do not see a need for finger.
re,
walter
Rich Felker wrote:
> On Sat, Apr 29, 2006 at 06:42:06PM +0200, walter harms wrote:
>> security:
>> finger return login information and may used to check for presens on a
>> remote machine.
>>
>> i read .project and .plan that can be fatal if you do evil things like
>> ln -s /proc/kmem ~/.plan feel free to expand the idea.
>
> This is utter nonsense. If you're running fingerd as root you get what
> you deserve. This is not a vulnerability in finger but a PEBKAC error
> from id-10-t users setting the wrong permissions.
>
> Rich
>
> _______________________________________________
> busybox mailing list
> busybox@busybox.net
> http://busybox.net/cgi-bin/mailman/listinfo/busybox
>
>
>
_______________________________________________
busybox mailing list
busybox@busybox.net
http://busybox.net/cgi-bin/mailman/listinfo/busybox
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic