ffingerd - secure finger daemon

(Warning: This is software from 1996 that has been hacked over and extended since then. It will be replaced with a clean rewrite using libdjb soon)

Download ffingerd-1.28.tar.bz2! The current version is 1.28. Recent changes: potential local buffer overflows fixed, included mkinstalldirs again.

Carlo Woods submitted this spec file for RPM users.

"ffingerd" is a simple finger daemon written with security in mind. The features are:

  1. Does not need to be run as root
  2. Does not support indirect queries
  3. Does not allow global queries ("finger @bighost")
  4. Users can disallow finger queries by creating the file ~/.nofinger
  5. Does not view sensitive information like the home directory or the shell.
  6. Displays .plan, .project and .pubkey (for PGP/GnuPG/PEM public keys)

Please note that ffingerd does not try to limit the number of ffingerd processes running at the same time. That is the job of inetd. If your inetd lacks support for this, I recommend xinetd or tcpserver.

ffingerd was written under Linux but should compile on any Unix derivative.

ffingerd is apparently part of the Enoch and Jurix Linux distributions and it can be found all around the globe.