#!/usr/bin/perl -Tw
# Author          : C Matthew Curtin <cmcurtin@interhack.net>
# Created On      : <1999/02/01 20:28:17 cmcurtin>
# Last Modified By: $Author: cmcurtin $
# Last Modified On: $Date: 2000/02/11 18:17:33 $
# Update Count    :
# Status          : Verhappified
# $Id: crfingerd.pl,v 1.4 2000/02/11 18:17:33 cmcurtin Exp $

use strict;

undef %ENV;

my $user = <STDIN>;     # Sockets and DOS derivatives will have \r\n
chomp $user;            # Unix will have \n.  Macs will have \r.
chomp $user;            # Kill 'em all with chomp()s.

if ($user eq "") {
  print "Must provide username.\n";
} else {
  my @pwent = getpwnam($user);
  if (scalar (@pwent) == 0) {
    print "The address you have fingered, $user, has been disconnected\n";
    print "or has never been here. Please make a note of it.\n";
  } elsif ($pwent[8] eq "/chroot") {
    system("/usr/sbin/chroot", "/chroot", "/bin/wrapped/finger", "$user");
  } else {
    system("/usr/bin/finger", "$user");


=head1 NAME

crfingerd -- A chroot-aware replacement for B<fingerd>.


B<crfingerd> can be used to replace B<fingerd>.  It was specifically
made to work on systems whose users might have home directories are in
B<chroot> environments, and therefore will not work with the standard


B<crfingerd> should be invoked by B<inetd>.  Replace the B<fingerd>
line in your F<inetd.conf> with this.  Note that this assumes
B<crfingerd> is installed in B</usr/local/sbin>.

 finger  stream  tcp  nowait  nobody   /usr/local/sbin/crfingerd   cfingerd

=head1 BUGS

None are known.  Note that this uses I<taint-checking> feature
provided by Perl (via B<-T>) and avoids the use of a shell, thus
radically reducing the liklihood of there being any security-related
bugs that could be exploited.  Furthermore, if you follow our
installation recommendations, this program will be running as
I<nobody>, a user with essentially no privileges on the system.

=head1 AUTHOR

Copyright (c) 1999, 2000 Matt Curtin, B<http://www.interhack.net/>.

Do whatever you want with this program, except one thing:
you may not repackage it and call it your own.  My original
authorship and copyright notice must remain intact with any
version or derivative work.  Is that asking too much?

If you do hack it to do something more useful, please throw me
mail at cmcurtin@interhack.net.  Thanks!