ffingerd - Fefe's small and secure finger daemon

   This finger daemon is meant to be invoked via inetd, just like the
   standard finger daemon.  I wrote this program because the standard
   finger daemon allows several things I don't like, namely :

     evil.com$ finger root@poor.victim.com@innocuous.edu
       - which is like "finger root@poor.victim.com", but the finger
         originates from innocuous.edu instead of evil.com
     evil.com$ finger @poor.victim.com
       - which lists all the users logged into poor.victim.com, so an
	 intruder can look whether someone is logged in who could detect
	 his intrusion
     evil.com$ finger luser@poor.victim.com
     Login: luser                            Name: J. Random Luser
     Directory: /home/luser                  Shell: /bin/sh
     Last login Thu Nov  2 01:49 (MET DST) on ttyp3 from other.victim.com
     No mail.
     No Plan.
       - Why should finger give away the home directory and the login shell
         of all the lusers ?  The "Last login" information should not be
	 given away, too, as it can be used to find seldom used accounts
	 which can safely be cracked into.  I don't think we should tell
	 the fingeree whether luser has mail.

  This is this finger daemon's output:
    evil.com$ finger root@poor.victim.com@innocuous.edu
    [innocuous.edu]
    Sorry, we do not support indirect finger queries.
    evil.com$ finger @poor.victim.com
    [poor.victim.com]
    Sorry, we do not support empty finger queries for security reasons.
    evil.com$ finger luser@poor.victim.com
    [poor.victim.com]
    Login: luser                              Name: J. Random Luser
    No project.
    No plan.
    No PGP public key.
    evil.com$ finger root@poor.victim.com
    [poor.victim.com]
    That user does not want to be fingered

  That last message appears when the fingered user has the file
  ".nofinger" in his home.  The PGP public key is the file ".pubkey"
  which is treated just like the ".plan" file.

  Fingerd creates several syslog messages if something suspicious
  happens :

  Nov  3 19:13:21 xorn fingerd[1033]: attempt to finger root from 127.0.0.1 
  Nov  3 19:14:12 xorn fingerd[1052]: empty finger attempt from 127.0.0.1 
  Nov  3 19:15:53 xorn fingerd[1077]: indirect finger attempt at root@localhost from 127.0.0.1 
  Aug 26 00:51:11 xorn syslog: file "/home/leitner/.plan" is a symbolic link to "/etc/shadow"! 


Credits:
  Felix von Leitner <felix@fefe.de>
  [Fefe] wrote ffingerd and the gruesome install.conf script.

  Andreas Bogk <bogk@inf.fu-berlin.de> wrote the Autoconfig support
  (have a look at configure.in and you can see why I am very grateful
   for that !)

Tests:
  This daemon was tested and worked ok under :

    Linux
    Linux/ELF
    HP-UX 9 on 700,800 and 300 series HP's
    IRIX 5
    NeXTSTEP 3
    Solaris 2
    SunOS 4
    AIX 3
    Even the very pinnacle of technical evolution, Control Data EP/IX, works.

