Path: utzoo!utgpu!watmath!clyde!att!ucbvax!husc6!rice!sun-spots-request
From: JONESD@kcgl1.eng.ohio-state.edu (David Jones)
Newsgroups: comp.sys.sun
Subject: Re: Yet another finger hole
Message-ID: <1086@accelerator.eng.ohio-state.edu>
Date: 3 Dec 88 22:42:34 GMT
References: <8811112032.AA22990@natinst.uucp>
Sender: usenet@rice.edu
Organization: Rice University, Houston, Texas
Lines: 10
Approved: Sun-Spots@rice.edu
Original-Date: 23 Nov 88 00:39:34 GMT
X-Sun-Spots-Digest: Volume 7, Issue 36, message 2 of 12

I think the proper way to defeat use of symbolic links for .plan files is
to have finger check that the file it opens is actually owned by the same
uid as the user whose plan file it is supposed to be.  This requires
actual coding changes to the program, however, so it's not a very
attractive solution.

David L. Jones               |      Phone:    (614) 292-6929
Ohio State Unviversity       |      Internet:
1971 Neil Ave. Rm. 406       |               jonesd@kcgl1.eng.ohio-state.edu
Columbus, OH 43210           |               jones-d@eng.ohio-state.edu