Finger applet?
Rich Felker
dalias at aerifal.cx
Sat Apr 29 21:42:35 UTC 2006
On Sat, Apr 29, 2006 at 06:42:06PM +0200, walter harms wrote:
>
> security:
> finger return login information and may used to check for presens on a
> remote machine.
>
> i read .project and .plan that can be fatal if you do evil things like
> ln -s /proc/kmem ~/.plan feel free to expand the idea.
This is utter nonsense. If you're running fingerd as root you get what
you deserve. This is not a vulnerability in finger but a PEBKAC error
from id-10-t users setting the wrong permissions.
Rich
More information about the busybox
mailing list