Re: cfingerd vulnerability

Alan Brown (alan@MANAWATU.GEN.NZ)
Mon, 26 May 1997 18:40:40 +1200

For those who don't want to run cfingerd, sfingerd may be better suited.

This is safe fingerd. User directories aren't looked at directly, if a
user wants to be listed, their details go into a sfingerd directory.

This gets around the privacy issues associated with finger daemons in
many countries - only those who want to be found will be found.

ftp://hplyot.obspm.fr/net/sfingerd*.tar.gz