Peter M Allan wrote:

These messages have been sent about fingerd. My preference for fiddling with remote fingers is to leave fingerd as supplied by the vendor (run by "nobody") and replace the finger program itself. It can be made to recognise when it is being run by "nobody" and behave differently from when run by another user.

Source at the end of this file. (Bashed out fairly quickly starting from a utmp-eraser I made for a luser who wouldn't tolerate wall messages from shutdown.)

I have (among other things) an extension to TCP-wrappers (a new hosts_access.c file), and a prog to find disk space wasted by duplicated files. (mail me with Subject: "send goodies" for these.) /* * * compile and test myfinger * * cc -C -o myfinger myfinger.c * * * (assuming the standard finger is /usr/ucb/finger) * cp /usr/ucb/finger /usr/ucb/finger.real * cp myfinger /usr/ucb/finger * * * (if using TCP wrapper reverse-fingers, make them NOT nobody, * but another id such as nobody2.) * * I disclaim any disasters........ * */

/* * * my finger program - local only, to be less informative than /usr/ucb/finger * */

#undef _utmp_h #define TRUE 1 #define FALSE 0 #define FAKE 1 #define WIPE 2 #define UTMP "/etc/utmp"

#include <stdio.h> #include <pwd.h> #include "utmp.h" #include <lastlog.h>

main(argc, argv, env) int argc; char **argv; char **env; { int i, listed; struct passwd *pwent;

if (argc < 1) exit(0); /* beat sneaks */

argc is never less than one.

/* If run by "nobody" (uid=65534) assume this is a remote finger */ /* otherwise run the standard finger command */ if (65534!=getuid()) { execv("/usr/ucb/finger.real", argv); /** if we get here exec failed, so we default to my finger **/

igor