summaryrefslogtreecommitdiffstats
path: root/usr.bin/finger
diff options
context:
space:
mode:
authorobrien <obrien@FreeBSD.org>1999-05-08 00:46:06 +0000
committerobrien <obrien@FreeBSD.org>1999-05-08 00:46:06 +0000
commit228630557e264fa21523fca2b99e3adb69518f69 (patch)
tree8fc4bf3481272909ee2970d66818dd1836a1f400 /usr.bin/finger
parent4f9e07b1eda52b7cb82d30035cc56eb06b2ab297 (diff)
downloadFreeBSD-src-228630557e264fa21523fca2b99e3adb69518f69.zip
FreeBSD-src-228630557e264fa21523fca2b99e3adb69518f69.tar.gz
Impliment elements of TCP Wrappers's `safe_finger'.
* if run by root (or root process) drop privs * ensure output size is not infinate (net finger only) * ensure output lines are not infinate in length (net finger only) * do not allow finger client to run longer than 3 minutes (net finger only)
Diffstat (limited to 'usr.bin/finger')
-rw-r--r--usr.bin/finger/finger.c13
-rw-r--r--usr.bin/finger/finger.h6
-rw-r--r--usr.bin/finger/net.c29
3 files changed, 46 insertions, 2 deletions
diff --git a/usr.bin/finger/finger.c b/usr.bin/finger/finger.c
index 091ac16..8a2cb2b 100644
--- a/usr.bin/finger/finger.c
+++ b/usr.bin/finger/finger.c
@@ -55,7 +55,7 @@ static char copyright[] =
static char sccsid[] = "@(#)finger.c 8.5 (Berkeley) 5/4/95";
#else
static const char rcsid[] =
- "$Id$";
+ "$Id: finger.c,v 1.12 1997/07/02 06:34:48 charnier Exp $";
#endif
#endif /* not lint */
@@ -154,6 +154,17 @@ main(argc, argv)
{
int envargc, argcnt;
char *envargv[3];
+ struct passwd *pw;
+
+ if (getuid() == 0 || geteuid() == 0) {
+ if ((pw = getpwnam(UNPRIV_NAME)) && pw->pw_uid > 0) {
+ setgid(pw->pw_gid);
+ setuid(pw->pw_uid);
+ } else {
+ setgid(UNPRIV_UGID);
+ setuid(UNPRIV_UGID);
+ }
+ }
(void) setlocale(LC_ALL, "");
diff --git a/usr.bin/finger/finger.h b/usr.bin/finger/finger.h
index b8538fa..a3209cb 100644
--- a/usr.bin/finger/finger.h
+++ b/usr.bin/finger/finger.h
@@ -34,6 +34,7 @@
* SUCH DAMAGE.
*
* @(#)finger.h 8.1 (Berkeley) 6/6/93
+ * $Id$
*/
typedef struct person {
@@ -62,4 +63,9 @@ typedef struct where {
char host[UT_HOSTSIZE+1]; /* null terminated remote host name */
} WHERE;
+#define UNPRIV_NAME "nobody" /* Preferred privilege level */
+#define UNPRIV_UGID 32767 /* Default uid and gid */
+#define OUTPUT_MAX 100000 /* Do not keep listinging forever */
+#define TIME_LIMIT 360 /* Do not keep listinging forever */
+
#include "extern.h"
diff --git a/usr.bin/finger/net.c b/usr.bin/finger/net.c
index 7d7b25c..c4698b4 100644
--- a/usr.bin/finger/net.c
+++ b/usr.bin/finger/net.c
@@ -39,7 +39,7 @@
static char sccsid[] = "@(#)net.c 8.4 (Berkeley) 4/28/95";
#else
static const char rcsid[] =
- "$Id: net.c,v 1.9 1997/08/01 20:10:44 wollman Exp $";
+ "$Id: net.c,v 1.10 1998/06/09 04:30:40 imp Exp $";
#endif
#endif /* not lint */
@@ -58,12 +58,23 @@ static const char rcsid[] =
#include <ctype.h>
#include <string.h>
#include <sys/uio.h>
+#include <signal.h>
+#include <limits.h>
#include "finger.h"
void
+cleanup(sig)
+ int sig;
+{
+ exit(0);
+}
+
+void
netfinger(name)
char *name;
{
+ int cnt;
+ int line_len;
extern int lflag;
extern int Tflag;
register FILE *fp;
@@ -80,6 +91,8 @@ netfinger(name)
if (!(host = rindex(name, '@')))
return;
*host++ = '\0';
+ signal(SIGALRM, cleanup);
+ (void) alarm(TIME_LIMIT);
if (isdigit(*host) && (defaddr.s_addr = inet_addr(host)) != -1) {
def.h_name = host;
def.h_addr_list = alist;
@@ -152,7 +165,14 @@ netfinger(name)
*/
lastc = 0;
if ((fp = fdopen(s, "r")) != NULL) {
+ cnt = 0;
+ line_len = 0;
while ((c = getc(fp)) != EOF) {
+ if (++cnt > OUTPUT_MAX) {
+ printf("\n\n Output truncated at %d bytes...\n",
+ cnt - 1);
+ break;
+ }
if (c == 0x0d) {
if (lastc == '\r') /* ^M^M - skip dupes */
continue;
@@ -171,6 +191,13 @@ netfinger(name)
}
}
putchar(c);
+ if (c != '\n' && ++line_len > _POSIX2_LINE_MAX) {
+ putchar('\\');
+ putchar('\n');
+ lastc = '\r';
+ }
+ if (lastc == '\n' || lastc == '\r')
+ line_len = 0;
}
if (lastc != '\n')
putchar('\n');
OpenPOWER on IntegriCloud