commit dc0be4fca8b7aae9e87a5982b1e4ab2a502d0413
Author: Paco Esteban <paco@e1e0.net>
Date: Sun, 13 Dec 2020 12:33:51 +0100
initial commit
Diffstat:
A | Makefile | | | 7 | +++++++ |
A | pinky.1 | | | 66 | ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ |
A | pinky.c | | | 97 | +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ |
3 files changed, 170 insertions(+), 0 deletions(-)
diff --git a/Makefile b/Makefile
@@ -0,0 +1,7 @@
+PROG = pinky
+
+SRCS += pinky.c
+
+DEBUG = -g -O2
+
+.include <bsd.prog.mk>
diff --git a/pinky.1 b/pinky.1
@@ -0,0 +1,66 @@
+.\" Copyright (c) 2020 Paco Esteban <paco@e1e0.net>
+.\"
+.\" Permission to use, copy, modify, and distribute this software for any
+.\" purpose with or without fee is hereby granted, provided that the above
+.\" copyright notice and this permission notice appear in all copies.
+.\"
+.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+.\"
+.Dd December 13, 2020
+.Dt PINKY 1
+.Os
+.Sh NAME
+.Nm pinky
+.Nd small and hopefully secure
+.Xr finger 1
+replacement
+.Sh SYNOPSIS
+.Nm
+.Op Fl d Ar directory
+.Ar user
+.Sh DESCRIPTION
+.Nm
+is supposed to be invoked by
+.Xr fingerd 8 .
+It looks for a file named as the user in the folder specified by
+.Fl d .
+If
+.Fl d
+is not provided, the default folder is
+.Pa /var/pinky .
+.Pp
+.Nm
+uses
+.Xr unveil 2
+to limit itself to the default folder or the one provided by
+.Fl d ,
+and uses
+.Xr pledge 2
+to limit itself to
+.Va stdio
+and
+.Va rpath .
+.Pp
+The options are as follows:
+.Bl -tag -width Ds
+.It Fl d Ar directory
+The folder where all the user info resides.
+.It Ar user
+The user name to get the info from.
+.El
+.Sh EXIT STATUS
+.Ex -std
+.Sh AUTHORS
+.An Paco Esteban
+.Mt paco@e1e0.net
+.Sh BUGS
+I hope not so many, as this is running in one of my servers :-)
+.Pp
+If you find horrors, send patches to:
+.Mt patches@e1e0.net
diff --git a/pinky.c b/pinky.c
@@ -0,0 +1,97 @@
+/*
+ * Copyright (c) 2020 Paco Esteban <paco@e1e0.net>
+ *
+ * Permission to use, copy, modify, and distribute this software for any
+ * purpose with or without fee is hereby granted, provided that the above
+ * copyright notice and this permission notice appear in all copies.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+ * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+ * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+ * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ */
+
+#include <sys/syslimits.h>
+
+#include <err.h>
+#include <pwd.h>
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <unistd.h>
+
+#define _VERSION 0.1
+#define _DEFAULT_BASE_PATH "/var/pinky"
+#define BUF_LEN 1024
+
+__dead void usage(void);
+
+void
+usage(void)
+{
+ fprintf(stderr, "usage: pinky [-d base_directory] user\n");
+ exit(2);
+}
+
+int
+main(int argc, char *argv[])
+{
+ FILE *fp;
+ char *base_path = NULL, *pinky_path = NULL, *user = NULL,
+ buf[BUF_LEN];
+ int ch, n;
+ ssize_t nread;
+ size_t buflen = BUF_LEN;
+
+ base_path = _DEFAULT_BASE_PATH;
+
+ opterr = 0;
+ while ((ch = getopt(argc, argv, "d:")) != -1)
+ switch (ch) {
+ case 'd':
+ base_path = optarg;
+ break;
+ default:
+ usage();
+ }
+ argc -= optind;
+ argv += optind;
+
+ if (argc != 1) {
+ printf("No info for you today.\n");
+ exit(0);
+ }
+
+ user = strndup(argv[0], _PW_NAME_LEN);
+
+ if (unveil(base_path, "r") == -1)
+ err(1, "unveil");
+ if (pledge("stdio rpath", NULL) == -1)
+ err(1, "pledge");
+
+ n = asprintf(&pinky_path, "%s/%s", base_path, user);
+ if ((n < 0) || (n > PATH_MAX)) {
+ err(1, "path create");
+ }
+
+ if (access(pinky_path, R_OK) == -1) {
+ printf("These aren't the droids you're looking for ...\n");
+ exit(0);
+ }
+
+ if ((fp = fopen(pinky_path, "r")) == NULL)
+ err(1, "open file");
+
+ while ((nread = fread(buf, sizeof(char), buflen, fp)) != 0)
+ fwrite(buf, sizeof(char), nread, stdout);
+
+ free(pinky_path);
+ free(user);
+ fclose(fp);
+
+ exit(0);
+}
+