Setting .nofinger will not hide you from root.

svn path=/head/; revision=150316

usr.bin/finger/extern.h

@@ -48,6 +48,7 @@ extern time_t now;
 extern int oflag;
 extern int pplan;			/* don't show .plan/.project */
 extern int Tflag;
+extern int invoker_root;		/* Invoked by root */
 
 void	 enter_lastlog(PERSON *);
 PERSON	*enter_person(struct passwd *);

usr.bin/finger/finger.1

@@ -202,6 +202,7 @@ option is the only option that may be passed to a remote machine.
 If the file
 .Pa .nofinger
 exists in the user's home directory,
+and the program is not run with superuser privileges,
 .Nm
 behaves as if the user in question does not exist.
 .Pp

usr.bin/finger/finger.c

@@ -95,6 +95,7 @@ int entries, gflag, kflag, lflag, mflag, pplan, sflag, oflag, Tflag;
 sa_family_t family = PF_UNSPEC;
 int d_first = -1;
 char tbuf[1024];
+int invoker_root = 0;
 
 static void loginlist(void);
 static int option(int, char **);
@@ -168,6 +169,7 @@ main(int argc, char **argv)
 	static char myname[] = "finger";
 
 	if (getuid() == 0 || geteuid() == 0) {
+		invoker_root = 1;
 		if ((pw = getpwnam(UNPRIV_NAME)) && pw->pw_uid > 0) {
 			 setgid(pw->pw_gid);
 			 setuid(pw->pw_uid);

usr.bin/finger/util.c

@@ -408,6 +408,7 @@ userinfo(PERSON *pn, struct passwd *pw)
 /*
  * Is this user hiding from finger?
  * If ~<user>/.nofinger exists, return 1 (hide), else return 0 (nohide).
+ * Nobody can hide from root.
  */
 
 int
@@ -416,7 +417,7 @@ hide(struct passwd *pw)
 	struct stat st;
 	char buf[MAXPATHLEN];
 
-	if (!pw->pw_dir)
+	if (invoker_root || !pw->pw_dir)
 		return 0;
 
 	snprintf(buf, sizeof(buf), "%s/%s", pw->pw_dir, _PATH_NOFINGER);