Subject: bin/17142: Fingerd filters out international characters
To: None <gnats-bugs@gnats.netbsd.org>
From: None <ben@wongs.net>
List: netbsd-bugs
Date: 06/02/2002 09:38:16
>Number:         17142
>Category:       bin
>Synopsis:       Fingerd filters out international characters
>Confidential:   no
>Severity:       non-critical
>Priority:       low
>Responsible:    bin-bug-people
>State:          open
>Class:          sw-bug
>Submitter-Id:   net
>Arrival-Date:   Sun Jun 02 06:39:00 PDT 2002
>Closed-Date:
>Last-Modified:
>Originator:     Ben Wong
>Release:        NetBSD-1.5.2
>Organization:
Georgia Institute of Technology
>Environment:
	
System: NetBSD hrududu.wongs.net 1.5 NetBSD 1.5 (HRUDUDU) #8: Tue May 15 04:47:24 EDT 2001 hackerb9@hrududu.wongs.net:/usr/src/sys/arch/i386/compile/HRUDUDU i386


>Description:

If a .plan file has international characters (e.g., Latin-1 or
Unicode), the NetBSD finger daemon will clear the high bit to make it
7-bit ASCII. RFC 1196 is quite clear on this point: characters between
128 and 255 are allowed for international data. It is up to the client
(finger) to filter out characters the terminal cannot (or should not)
reproduce.

>How-To-Repeat:

* Create an 8-bit .plan file. Latin-1 is sufficient, but here's Unicode:

  echo "NetBSD \M-c\M^A\M-/\M-e\M^[\M-=\M-i\M^Z\M^[\M-g\M^Z\M^D\M-e\M^A\M-=\M-c\M^B\M^J\M-c\M^A\M-*\M-c\M^A\M^O\M-c\M^A\M-'\M-c\M^A\M^B\M-c\M^B\M^K" | unvis > ~/.plan

* Start up an xterm that can display Unicode characters:

  xterm -u8 -fn '-misc-fixed-medium-r-semicondensed--13-120-75-75-c-60-iso10646-1'

* Turn on the fingerd in /etc/inetd.conf

* Try using finger to see the plan. It is mangled.

* Try using cat to see the plan. It works.


>Fix:

RFC 1196 recommends putting the filtering into the client instead of
the server. That way a user (or a sysadmin at an international site)
can choose to not filter the data.

RFC 1196: 3.3.  Client security

   It is expected that there will normally be some client program that
   the user runs to query the initial RUIP.  By default, this program
   SHOULD filter any unprintable data, leaving only printable 7-bit
   characters (ASCII 32 through ASCII 126), tabs (ASCII 9), and CRLFs.
   This is to protect against people playing with terminal escape codes,
   changing other peoples' X window names, or committing other dastardly
   or confusing deeds.  Two separate user options SHOULD be considered
   to modify this behavior, so that users may choose to view
   international or control characters:

      -    one to allow all characters less than ASCII 32

      -    another to allow all characters greater than ASCII 126

   For environments that live and breathe international data, the system
   administrator SHOULD be given a mechanism to enable the latter option
   by default for all users on a particular system.  This can be done
   via a global environment variable or similar mechanism.
>Release-Note:
>Audit-Trail:
>Unformatted:
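
Added example, not part of the original report and not NetBSD's finger or fingerd source: a client-side filter following RFC 1196 section 3.3 as quoted above, with the two opt-in options, next to the high-bit clearing the report describes on the server side. The function names, flag names and sample bytes are assumptions made for this illustration; dropping rejected bytes and keeping CR and LF individually are also choices of the example.

```c
#include <stddef.h>
#include <stdio.h>

/* Flag names are this example's own, not options of finger(1). */
#define FF_ALLOW_CTRL 0x1  /* allow all characters less than ASCII 32 */
#define FF_ALLOW_HIGH 0x2  /* allow all characters greater than ASCII 126 */

/* Decide whether one byte from the server may reach the terminal. */
static int ff_keep(unsigned char c, int flags)
{
    if (c >= 32 && c <= 126)
        return 1;                          /* printable 7-bit ASCII */
    if (c == '\t' || c == '\r' || c == '\n')
        return 1;                          /* tab and the bytes of CRLF */
    if (c < 32)
        return (flags & FF_ALLOW_CTRL) != 0;
    return (flags & FF_ALLOW_HIGH) != 0;   /* 127..255, per the RFC wording */
}

/* Copy the kept bytes of in[0..n) to out (at least n bytes); return count. */
size_t finger_filter(const unsigned char *in, size_t n,
                     unsigned char *out, int flags)
{
    size_t i, kept = 0;
    for (i = 0; i < n; i++)
        if (ff_keep(in[i], flags))
            out[kept++] = in[i];
    return kept;
}

/* The behaviour the report describes in fingerd: clear the high bit. */
size_t strip_high_bit(const unsigned char *in, size_t n, unsigned char *out)
{
    size_t i;
    for (i = 0; i < n; i++)
        out[i] = in[i] & 0x7f;             /* 0xE3 becomes 'c', text is mangled */
    return n;
}

/* Constructed sample: 'A', ESC, one UTF-8 character (E3 81 AF), LF. */
static const unsigned char ff_sample[] = { 'A', 0x1b, 0xe3, 0x81, 0xaf, '\n' };

int main(void)
{
    unsigned char out[sizeof ff_sample];
    printf("default: %zu kept\n", finger_filter(ff_sample, sizeof ff_sample, out, 0));
    printf("high ok: %zu kept\n", finger_filter(ff_sample, sizeof ff_sample, out, FF_ALLOW_HIGH));
    return 0;
}
```

With FF_ALLOW_HIGH alone the UTF-8 bytes pass through intact while the ESC byte is still dropped, which is the split the RFC's two separate options make possible.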