Re: report finger gives long list of users

[Meritt James <meritt_james () BAH COM>]

HP boxes had interesting expansions of wildcards in finger, too, a few
years ago.  Bet a lot of places still use those systems.

warning3 wrote:
> If you use digits as username, Solaris "finger" will list the users who hav=
> e not
> configured full name in /etc/passwd.
>
> I heard that DG-UX  has this "feature" too.
>
> [root@ /]> uname -sr
> SunOS 5.6
> [root@ /]> cat /etc/passwd
> root:x:0:1:Super-User:/:/bin/bash
> daemon:x:1:1::/:
> bin:x:2:2::/usr/bin:
> sys:x:3:3::/:
> adm:x:4:4:Admin:/var/adm:
> lp:x:71:8:Line Printer Admin:/usr/spool/lp:
> smtp:x:0:0:Mail Daemon User:/:
> uucp:x:5:5:uucp Admin:/usr/lib/uucp:
> nuucp:x:9:9:uucp Admin:/var/spool/uucppublic:/usr/lib/uucp/uucico
> listen:x:37:4:Network Admin:/usr/net/nls:
> nobody:x:60001:60001:Nobody:/:
> noaccess:x:60002:60002:No Access User:/:
> nobody4:x:65534:65534:SunOS 4.x Nobody:/:
> blah:x:501:100::/export/home/blah:/bin/sh
>
> [root@ /]> finger 1234567@localhost
> [localhost]=20
> Login       Name               TTY         Idle    When    Where
> daemon          ???                         < .  .  .  . >
> bin             ???                         < .  .  .  . >
> sys             ???                         < .  .  .  . >
> blah            ???            pts/1        <Mar  7 21:55> xx.xx.xx.xx =20
>
> ---Original Message---
> =46rom : "Larry W. Cashdollar" <lwc () VAPID DHS ORG>
> Date : Fri, 23 Mar 2001 12:37:12 -0500
>
> > This is actually an old problem where you could finger 0@sunhost and get =
> a
> > list of users.  It appears it still works for solaris 2.7, not sure about
> > 2.8.
> > =20
>
> =20
> Regards,
> warning3 <warning3 () nsfocus com>
> http://www.nsfocus.com

--
James W. Meritt, CISSP, CISA
Booz*Allen & Hamilton
phone: (410) 684-6566