Setting .nofinger will not hide you from root.
This commit is contained in:
parent
8f3d766b5d
commit
d2e4ea2a51
Notes:
svn2git
2020-12-20 02:59:44 +00:00
svn path=/head/; revision=150316
@ -48,6 +48,7 @@ extern time_t now;
|
|||||||
extern int oflag;
|
extern int oflag;
|
||||||
extern int pplan; /* don't show .plan/.project */
|
extern int pplan; /* don't show .plan/.project */
|
||||||
extern int Tflag;
|
extern int Tflag;
|
||||||
|
extern int invoker_root; /* Invoked by root */
|
||||||
|
|
||||||
void enter_lastlog(PERSON *);
|
void enter_lastlog(PERSON *);
|
||||||
PERSON *enter_person(struct passwd *);
|
PERSON *enter_person(struct passwd *);
|
||||||
|
@ -202,6 +202,7 @@ option is the only option that may be passed to a remote machine.
|
|||||||
If the file
|
If the file
|
||||||
.Pa .nofinger
|
.Pa .nofinger
|
||||||
exists in the user's home directory,
|
exists in the user's home directory,
|
||||||
|
and the program is not run with superuser privileges,
|
||||||
.Nm
|
.Nm
|
||||||
behaves as if the user in question does not exist.
|
behaves as if the user in question does not exist.
|
||||||
.Pp
|
.Pp
|
||||||
|
@ -95,6 +95,7 @@ int entries, gflag, kflag, lflag, mflag, pplan, sflag, oflag, Tflag;
|
|||||||
sa_family_t family = PF_UNSPEC;
|
sa_family_t family = PF_UNSPEC;
|
||||||
int d_first = -1;
|
int d_first = -1;
|
||||||
char tbuf[1024];
|
char tbuf[1024];
|
||||||
|
int invoker_root = 0;
|
||||||
|
|
||||||
static void loginlist(void);
|
static void loginlist(void);
|
||||||
static int option(int, char **);
|
static int option(int, char **);
|
||||||
@ -168,6 +169,7 @@ main(int argc, char **argv)
|
|||||||
static char myname[] = "finger";
|
static char myname[] = "finger";
|
||||||
|
|
||||||
if (getuid() == 0 || geteuid() == 0) {
|
if (getuid() == 0 || geteuid() == 0) {
|
||||||
|
invoker_root = 1;
|
||||||
if ((pw = getpwnam(UNPRIV_NAME)) && pw->pw_uid > 0) {
|
if ((pw = getpwnam(UNPRIV_NAME)) && pw->pw_uid > 0) {
|
||||||
setgid(pw->pw_gid);
|
setgid(pw->pw_gid);
|
||||||
setuid(pw->pw_uid);
|
setuid(pw->pw_uid);
|
||||||
|
@ -408,6 +408,7 @@ userinfo(PERSON *pn, struct passwd *pw)
|
|||||||
/*
|
/*
|
||||||
* Is this user hiding from finger?
|
* Is this user hiding from finger?
|
||||||
* If ~<user>/.nofinger exists, return 1 (hide), else return 0 (nohide).
|
* If ~<user>/.nofinger exists, return 1 (hide), else return 0 (nohide).
|
||||||
|
* Nobody can hide from root.
|
||||||
*/
|
*/
|
||||||
|
|
||||||
int
|
int
|
||||||
@ -416,7 +417,7 @@ hide(struct passwd *pw)
|
|||||||
struct stat st;
|
struct stat st;
|
||||||
char buf[MAXPATHLEN];
|
char buf[MAXPATHLEN];
|
||||||
|
|
||||||
if (!pw->pw_dir)
|
if (invoker_root || !pw->pw_dir)
|
||||||
return 0;
|
return 0;
|
||||||
|
|
||||||
snprintf(buf, sizeof(buf), "%s/%s", pw->pw_dir, _PATH_NOFINGER);
|
snprintf(buf, sizeof(buf), "%s/%s", pw->pw_dir, _PATH_NOFINGER);
|
||||||
|
Loading…
Reference in New Issue
Block a user