Erik Auerswald wrote: > Bob Proulx wrote: > > The list of uids are already public in the /etc/passwd file. That file > > is already world readable. Therefore it isn't clear to me how using > > another command makes this a vulnerability. > > Using fingerd, this could disclose login names to remote attackers. > This, of course, does not apply to local invokation of some tool that > uses normal user privileges.
But in the case under discussion this could only be disclosed to remote attackers if a local user were to make that information available to them. This is no different than if a local user were to post this information to those remote attackers directly. Or mail it to them. As a local user you could copy all kinds of useful attack information onto your home web page. There isn't a way to prevent people with access to information from making it available if they want to do it. Bob
