Subject: Re: Safe to run fingerd as root?
To: Rick Byers <rickb@iaw.on.ca>
From: <>
List: netbsd-help
Date: 04/04/1996 04:45:48
> My home directory isn't publicly readable, but I want to have a .plan or
> .project file.  I've changed identd.conf to run fingerd as root.  Are there
> any security problems with this?

if anyone else has an account on the machine, there are most definitely
problems.  they can read any file on the machine by symlinking their
.plan or .profile to the file and fingering themselves.

my university admins made fingerd root once.  i found this hole and
sent them anonymous mail about it (it wasn't safe to tell them about
holes...).  the root daemon disappeared within minutes...


--
Hume Smith   <hclsmith@isisnet.com>  Alumnus Against Advantage Acadia
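
The symlink problem described in the reply above, seen from the daemon's side, as an added example that is not part of the original message or of any fingerd source: a privileged reader can refuse to follow a link at .plan and verify the owner of what it actually opened. The names open_plan_safely and make_fixture are hypothetical, and the temporary file and link are constructed sample data.

```c
#define _POSIX_C_SOURCE 200809L
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/stat.h>
#include <sys/types.h>
#include <unistd.h>

/* Hypothetical helper: open a user's .plan without trusting the path.
 * Returns a read-only fd, or -1 if the file is a symlink, is not a
 * regular file, or is not owned by the user being fingered. */
int open_plan_safely(const char *path, uid_t owner)
{
    struct stat st;
    /* O_NOFOLLOW: fail if the final path component is a symlink.
     * O_NONBLOCK: do not hang if the user planted a FIFO. */
    int fd = open(path, O_RDONLY | O_NOFOLLOW | O_NONBLOCK);
    if (fd < 0)
        return -1;
    /* fstat the descriptor, not the path, so the checks apply to the
     * object actually opened (no check-then-open race). The owner test
     * also rejects a hard link to someone else's file. */
    if (fstat(fd, &st) != 0 || !S_ISREG(st.st_mode) || st.st_uid != owner) {
        close(fd);
        return -1;
    }
    return fd;
}

/* Constructed fixture: a real file and a symlink to it in a temp dir. */
int make_fixture(char *dir, char *plan, char *lnk, size_t n)
{
    if (mkdtemp(dir) == NULL) return -1;
    snprintf(plan, n, "%s/plan", dir);
    snprintf(lnk, n, "%s/link", dir);
    FILE *f = fopen(plan, "w");
    if (f == NULL) return -1;
    fputs("constructed sample plan\n", f);
    fclose(f);
    return symlink(plan, lnk);
}

int main(void)
{
    char dir[] = "/tmp/planXXXXXX", plan[64], lnk[64];
    if (make_fixture(dir, plan, lnk, sizeof plan) != 0) return 1;
    printf("regular file accepted: %d\n", open_plan_safely(plan, geteuid()) >= 0);
    printf("symlink accepted:      %d\n", open_plan_safely(lnk, geteuid()) >= 0);
    return 0;
}
```

O_NOFOLLOW covers only the final path component, so a daemon that has to read inside non-public home directories is better served by switching to the fingered user's uid before the open than by staying root.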