Note: apply this patch after egrep-finger-1.25.errmsgs.patch! This patch fixes an exploit where a local user could create a symlink in place of their .plan/.project file that points to an unreadable file on the system. The contents of this file could then be viewed by performing a query through the daemon. --Andrew --- user.h.orig Mon Apr 12 01:26:29 1999 +++ user.h Mon May 3 03:30:39 1999 @@ -69,8 +69,7 @@ /* We won't mess with the defaults: #define UT_LINESIZE 12 #define UT_NAMESIZE 8 -#define UT_HOSTSIZE 16 - we'll leave them alone! */ +#define UT_HOSTSIZE 16 */ /* We define NOBODY_UID on the command line out of the Makefile. */ /*NOBODY_UID 99*/ Log suspicious .plan or .project files... --- user.c.orig Mon May 3 02:16:50 1999 +++ user.c Mon May 3 03:29:46 1999 @@ -43,6 +43,11 @@ #include #include +/* We're going to log suspicious .plan/.project files. + i.e. files not owned by the user it belongs to..... + probably a symlink to an unreadable file. */ +#include + /* The following are needed for getpwnam()/getpwent(), etc */ #include #include @@ -83,6 +88,7 @@ int nbytes, bytes = MAXLOGTMFLD, done = 0, next = 0; static int first = 1; struct feature_enable feat, usrfeat; +struct stat stat_buf; /* Parse config file for proper behavior */ feat = allow_features (conf_file); @@ -403,7 +409,16 @@ if ((plan_fd = open(plan_file, O_RDONLY)) < 0) { printf("\nNo plan.\n"); - } else { + } else if ((!fstat (plan_fd, &stat_buf)) && + (stat_buf.st_uid != pwent->pw_uid)) { + /* The .plan file is not owned by user, looks suspicious */ + printf("\nNo plan.\n"); + openlog ("efinger", LOG_CONS | LOG_PID, LOG_USER); + syslog (LOG_WARNING, "suspicious .plan file for %s\n", + pwent->pw_name); + closelog(); + + } else { if (daemon_mode) { fflush(stdout); printf("\n\nPlan:\n"); 
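Review bot: The new `else if` in the .plan hunk (`@@ -403,7 +409,16 @@`) fails open: if `fstat()` returns an error, `!fstat(...)` is false, the ownership comparison is skipped, and control falls through to the final `else` that prints the file. A failed `fstat()` should be treated as suspicious too, e.g. `} else if (fstat(plan_fd, &stat_buf) != 0 || stat_buf.st_uid != pwent->pw_uid) {`. The .project hunk at `@@ -437,6 +452,15 @@` uses the same condition and needs the same change. The enclosing function begins and ends outside these hunks, so what happens to the descriptor afterwards is not visible here.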
@@ -437,6 +452,15 @@ /* Check if file exists. */ if ((project_fd = open(project_file, O_RDONLY)) < 0) { printf("\nNo project.\n"); + + } else if ((!fstat (project_fd, &stat_buf)) && + (stat_buf.st_uid != pwent->pw_uid)) { + /* The .project file is not owned by user, looks suspicious */ + printf("\nNo project.\n"); + openlog ("efinger", LOG_CONS | LOG_PID, LOG_USER); + syslog (LOG_WARNING, "suspicious .project file for %s\n", + pwent->pw_name); + closelog(); } else { printf("\nProject:\n");
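Review bot: The suspicious branch in the .project hunk leaves `project_fd` open: no `close()` appears in the branch, so unless code after the hunk closes it unconditionally, the descriptor leaks. Add `close(project_fd);` after `closelog();`. The same applies to `plan_fd` in the .plan hunk at `@@ -403,7 +409,16 @@`. The test also looks only at `st_uid`, so a user-owned object that is not a regular file still reaches the read path; extending the condition with `|| !S_ISREG(stat_buf.st_mode)` would reject those, assuming `<sys/stat.h>` is among the includes, whose names are not legible on this page. The trailing `\n` in the `syslog()` format strings is unnecessary and can be dropped.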