Lo and behold, Alfred Perlstein once said:
>
> > > a) Add a command-line option to finger(1) and fingerd(8) telling
> > > them not to reveal user information if the user's homedir is
> > > protected.
> > >
> > > b) Similar to a), but hide such users by default.
> > >
> > > c) Don't bother at all :-)
> > >
> > > Personally, I'd prefer b) since it's most secure and seems to break
> > > nothing. Do I overlook any complications?
> >
> > Yes - it breaks the semantics of the existing fingerds that
> > people are used to. It's a gratuitious change with little benefit
> > that would simply confuse people who have a reasonable expectation
> > about what the default behavior of 'finger' should be. Don't do (b).
>
> Actually, I'd prefer (b) if it was a command line option.
>
> ie, not the default.

  And this differs from suggestion (a) in exactly what way? :)

  -Dave

To Unsubscribe: send mail to majordomoFreeBSD.org
with "unsubscribe freebsd-security" in the body of the message

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]