-----BEGIN PGP SIGNED MESSAGE-----
Quick note to tell that a new version of sfingerd is out :
The support procs have been fixed to work with Sun OS.
It should now work fine (script included) on HPUX, SunOS, Solaris,
NetBSD, Linux and probably others too..
The C part is now very stable and I trust it is very safe.
The support scripts to create the static files distributed by sfingerd
from the regular finger output might need some tweeking to match the
particularities of your system, but most of the work is done now I
Below is again the CHANGES and README files,
--- sfingerd-1.6 CHANGES file ---
sfingerd - Version history - by dl
1.6 - 'make-files' script was not working on SunOS .. different ls output...
awk syntax is different ! now needs configuration...
little doublon removed, and same fixes as 'make-files' in 'update-files'
1.5 - Added optional "header" to all replies
Added more filtering (to avoid getting 'old' user~ files,....)
added a support proc for auto update (can be used also for paranoiac
mode if you don't want that users get direct access to the $user
1.4 - Added 'fishy' .plan detection, fixed a misplaced endif in 'make-files'
1.3 - fixed and improved 'make-files' script - moved the default answers
1.2 - changed name, tar file, makefile, doc, auxiliary procs...
1.1 - working, as a single C file.
1.0 - first 'almost' working C file.
--- sfingerd-1.6 README file ---
Vers 1.6.3 - 10 May 94
sfingerd intends to be a secure replacement for the standard
unix finger daemon. the goal is to have the smallest & safest
At first I had removed fingerd from my host, because I found
that giving away to the world informations such as last login,
account names, ...etc... were security threats.
to inform about email, project, pgp keys, ...etc...
So I searched a finger daemon that could be customized in order
to reduce such risks... GNU fingerd looks perfect, but it is *huge*
and I'm not even sure it does what i want : ie only distribute
to the world static files, and no real time information about my host.
Availability, disclaimer, etc...
So I wrote 'sfingerd', I use it here, if you want to use it , feel free
I gladly accept also comments, suggestions, etc...
I don't promise its 100% safe, I made my best, and I hope everybody
can easily look at the source and point me toward any possible problem
so I can fix it for the benefits of everybody (including me as I run it!)
*warning* read carefully the instructions in sfingerd.c, a badly
configured sfingerd can be UNSAFE.
Please check the source before running it. Get the latest version
It is GNU like free software.
The source code is written by me, Laurent Demailly,
It comes AS IS - no warranty, etc...
Carefully read & edit sfingerd.c,
make, edit the 'make-files' script, run it, change the inetd.conf to use
the new daemon, test it, check syslog... tell your user to adjust
$CHROOT_PATH/<username> to their needs.
Or use 'update-files' script regulary, for an auto-update...
Note 1 - sfingerd distribution now includes PGP signed md5 CHECKSUMS
Note 2 - read CHANGES file to get info about new features
-----BEGIN PGP SIGNATURE-----
-----END PGP SIGNATURE-----
<A HREF="http://www.obspm.fr/~dl/">Laurent Demailly</A> - finger for PGP key