Path: utzoo!utgpu!news-server.csri.toronto.edu!cs.utexas.edu!usc!ucsd!sdd.hp.com!uakari.primate.wisc.edu!aplcen!haven!ni.umd.edu!sayshell.umd.edu!louie
From: louie@sayshell.umd.edu (Louis A. Mamakos)
Newsgroups: comp.unix.wizards
Subject: Re: special files as .plans?
Keywords: ln
Message-ID: <1990Aug28.214615.4265@ni.umd.edu>
Date: 28 Aug 90 21:46:15 GMT
References: <1990Aug24.224727.26823@boingo.med.jhu.edu> <7391@star.cs.vu.nl> <361@pacer.UUCP>
Sender: usenet@ni.umd.edu (USENET News System)
Organization: The University of Maryland, College Park
Lines: 22
Nntp-Posting-Host: sayshell.umd.edu

In article <361@pacer.UUCP> davidb@Pacer.UUCP (David Barts) writes:
>In article <7391@star.cs.vu.nl>, maart@cs.vu.nl (Maarten Litmaath) writes:
>> He forgot to deal with normal files.  The real bug is fingerd running as
>> root: root can open any (local) file...  (Think about it!)
>
>And how about a nice symbolic link to /etc/passwd?

It seems that the only way that the .plan file could be a symbolic is if that
user made is such.  He could have just as easily copied /etc/passwd into his
.plan file and saved the trouble of following the symbolic link.

If you can't trust your users from giving away the farm, they you've got
other problems.  You'll likely want to think about shadow password files
under those circumstances.

Fingerd only runs as `root' on brain-damaged operating systems.  Grab
the 4.3BSD inetd (and cron, for that matter) which allow you to
specify the user that the daemons will be run as.  We beat up on DEC
frequently about this (every Ultrix field test), and somehow it seems
impossible to convince them that this is a good idea and a `feature.'

louie