/[gentoo]/xml/htdocs/proj/en/glep/glep-0012.html
Gentoo

Contents of /xml/htdocs/proj/en/glep/glep-0012.html

Parent Directory Parent Directory | Revision Log Revision Log


Revision 1.3 - (show annotations) (download) (as text)
Tue Oct 10 20:25:14 2006 UTC (7 years, 11 months ago) by g2boojum
Branch: MAIN
Changes since 1.2: +317 -74 lines
File MIME type: text/html
regenerate all .html files

1 <?xml version="1.0" encoding="utf-8" ?>
2 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
3 <html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
4 <!--
5 This HTML is auto-generated. DO NOT EDIT THIS FILE! If you are writing a new
6 PEP, see http://www.python.org/peps/pep-0001.html for instructions and links
7 to templates. DO NOT USE THIS HTML FILE AS YOUR TEMPLATE!
8 -->
9 <head>
10 <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
11 <meta name="generator" content="Docutils 0.4: http://docutils.sourceforge.net/" />
12 <title>GLEP 12 -- Gentoo.org Finger Daemon</title>
13 <style type="text/css">
14
15 /*
16 :Author: David Goodger
17 :Contact: goodger@users.sourceforge.net
18 :date: $Date: 2003/06/02 17:03:08 $
19 :version: $Revision: 1.1 $
20 :copyright: This stylesheet has been placed in the public domain.
21
22 Default cascading style sheet for the PEP HTML output of Docutils.
23 */
24
25 .first {
26 margin-top: 0 }
27
28 .last {
29 margin-bottom: 0 }
30
31 .navigation {
32 width: 100% ;
33 background: #cc99ff ;
34 margin-top: 0px ;
35 margin-bottom: 0px }
36
37 .navigation .navicon {
38 width: 150px ;
39 height: 35px }
40
41 .navigation .textlinks {
42 padding-left: 1em ;
43 text-align: left }
44
45 .navigation td, .navigation th {
46 padding-left: 0em ;
47 padding-right: 0em ;
48 vertical-align: middle }
49
50 .rfc2822 {
51 margin-top: 0.5em ;
52 margin-left: 0.5em ;
53 margin-right: 0.5em ;
54 margin-bottom: 0em }
55
56 .rfc2822 td {
57 text-align: left }
58
59 .rfc2822 th.field-name {
60 text-align: right ;
61 font-family: sans-serif ;
62 padding-right: 0.5em ;
63 font-weight: bold ;
64 margin-bottom: 0em }
65
66 a.toc-backref {
67 text-decoration: none ;
68 color: black }
69
70 body {
71 margin: 0px ;
72 margin-bottom: 1em ;
73 padding: 0px }
74
75 dd {
76 margin-bottom: 0.5em }
77
78 div.section {
79 margin-left: 1em ;
80 margin-right: 1em ;
81 margin-bottom: 1.5em }
82
83 div.section div.section {
84 margin-left: 0em ;
85 margin-right: 0em ;
86 margin-top: 1.5em }
87
88 div.abstract {
89 margin: 2em 5em }
90
91 div.abstract p.topic-title {
92 font-weight: bold ;
93 text-align: center }
94
95 div.attention, div.caution, div.danger, div.error, div.hint,
96 div.important, div.note, div.tip, div.warning {
97 margin: 2em ;
98 border: medium outset ;
99 padding: 1em }
100
101 div.attention p.admonition-title, div.caution p.admonition-title,
102 div.danger p.admonition-title, div.error p.admonition-title,
103 div.warning p.admonition-title {
104 color: red ;
105 font-weight: bold ;
106 font-family: sans-serif }
107
108 div.hint p.admonition-title, div.important p.admonition-title,
109 div.note p.admonition-title, div.tip p.admonition-title {
110 font-weight: bold ;
111 font-family: sans-serif }
112
113 div.figure {
114 margin-left: 2em }
115
116 div.footer, div.header {
117 font-size: smaller }
118
119 div.footer {
120 margin-left: 1em ;
121 margin-right: 1em }
122
123 div.system-messages {
124 margin: 5em }
125
126 div.system-messages h1 {
127 color: red }
128
129 div.system-message {
130 border: medium outset ;
131 padding: 1em }
132
133 div.system-message p.system-message-title {
134 color: red ;
135 font-weight: bold }
136
137 div.topic {
138 margin: 2em }
139
140 h1 {
141 font-family: sans-serif ;
142 font-size: large }
143
144 h2 {
145 font-family: sans-serif ;
146 font-size: medium }
147
148 h3 {
149 font-family: sans-serif ;
150 font-size: small }
151
152 h4 {
153 font-family: sans-serif ;
154 font-style: italic ;
155 font-size: small }
156
157 h5 {
158 font-family: sans-serif;
159 font-size: x-small }
160
161 h6 {
162 font-family: sans-serif;
163 font-style: italic ;
164 font-size: x-small }
165
166 .section hr {
167 width: 75% }
168
169 ol.simple, ul.simple {
170 margin-bottom: 1em }
171
172 ol.arabic {
173 list-style: decimal }
174
175 ol.loweralpha {
176 list-style: lower-alpha }
177
178 ol.upperalpha {
179 list-style: upper-alpha }
180
181 ol.lowerroman {
182 list-style: lower-roman }
183
184 ol.upperroman {
185 list-style: upper-roman }
186
187 p.caption {
188 font-style: italic }
189
190 p.credits {
191 font-style: italic ;
192 font-size: smaller }
193
194 p.label {
195 white-space: nowrap }
196
197 p.topic-title {
198 font-family: sans-serif ;
199 font-weight: bold }
200
201 pre.line-block {
202 font-family: serif ;
203 font-size: 100% }
204
205 pre.literal-block, pre.doctest-block {
206 margin-left: 2em ;
207 margin-right: 2em ;
208 background-color: #eeeeee }
209
210 span.classifier {
211 font-family: sans-serif ;
212 font-style: oblique }
213
214 span.classifier-delimiter {
215 font-family: sans-serif ;
216 font-weight: bold }
217
218 span.interpreted {
219 font-family: sans-serif }
220
221 span.option-argument {
222 font-style: italic }
223
224 span.pre {
225 white-space: pre }
226
227 span.problematic {
228 color: red }
229
230 table {
231 margin-top: 0.5em ;
232 margin-bottom: 0.5em }
233
234 td, th {
235 padding-left: 0.5em ;
236 padding-right: 0.5em ;
237 vertical-align: top }
238
239 td.num {
240 text-align: right }
241
242 th.field-name {
243 font-weight: bold ;
244 text-align: left ;
245 white-space: nowrap }
246
247 h1 tt, h2 tt, h3 tt, h4 tt, h5 tt, h6 tt {
248 font-size: 100% }
249
250 tt {
251 background-color: #eeeeee }
252
253 ul.auto-toc {
254 list-style-type: none }
255
256 </style>
257 </head>
258 <body bgcolor="white">
259 <table class="navigation" cellpadding="0" cellspacing="0"
260 width="100%" border="0">
261 <tr><td class="navicon" width="150" height="35">
262 <a href="http://www.gentoo.org/" title="Gentoo Linux Home Page">
263 <img src="http://www.gentoo.org/images/gentoo-new.gif" alt="[Gentoo]"
264 border="0" width="150" height="35" /></a></td>
265 <td class="textlinks" align="left">
266 [<b><a href="http://www.gentoo.org/">Gentoo Linux Home</a></b>]
267 [<b><a href="http://www.gentoo.org/peps">GLEP Index</a></b>]
268 [<b><a href="http://www.gentoo.org/proj/en/glep/glep-0012.txt">GLEP Source</a></b>]
269 </td></tr></table>
270 <table class="rfc2822 docutils field-list" frame="void" rules="none">
271 <col class="field-name" />
272 <col class="field-body" />
273 <tbody valign="top">
274 <tr class="field"><th class="field-name">GLEP:</th><td class="field-body">12</td>
275 </tr>
276 <tr class="field"><th class="field-name">Title:</th><td class="field-body">Gentoo.org Finger Daemon</td>
277 </tr>
278 <tr class="field"><th class="field-name">Version:</th><td class="field-body">1.2</td>
279 </tr>
280 <tr class="field"><th class="field-name">Last-Modified:</th><td class="field-body"><a class="reference" href="http://www.gentoo.org/cgi-bin/viewcvs.cgi/xml/htdocs/proj/en/glep/glep-0012.txt?cvsroot=gentoo">2004/01/31 21:56:55</a></td>
281 </tr>
282 <tr class="field"><th class="field-name">Author:</th><td class="field-body">Tavis Ormandy &lt;taviso&#32;&#97;t&#32;gentoo.org&gt;</td>
283 </tr>
284 <tr class="field"><th class="field-name">Status:</th><td class="field-body">Rejected</td>
285 </tr>
286 <tr class="field"><th class="field-name">Type:</th><td class="field-body">Standards Track</td>
287 </tr>
288 <tr class="field"><th class="field-name">Created:</th><td class="field-body">10-Aug-2003</td>
289 </tr>
290 <tr class="field"><th class="field-name">Post-History:</th><td class="field-body">11-Aug-2003</td>
291 </tr>
292 </tbody>
293 </table>
294 <hr />
295 <div class="contents topic">
296 <p class="topic-title first"><a id="contents" name="contents">Contents</a></p>
297 <ul class="simple">
298 <li><a class="reference" href="#reason-for-rejection" id="id21" name="id21">Reason for rejection</a></li>
299 <li><a class="reference" href="#abstract" id="id22" name="id22">Abstract</a></li>
300 <li><a class="reference" href="#motivation" id="id23" name="id23">Motivation</a></li>
301 <li><a class="reference" href="#rationale" id="id24" name="id24">Rationale</a></li>
302 <li><a class="reference" href="#implementation-and-security" id="id25" name="id25">Implementation and Security</a></li>
303 <li><a class="reference" href="#example-query" id="id26" name="id26">Example Query</a></li>
304 <li><a class="reference" href="#references" id="id27" name="id27">References</a></li>
305 <li><a class="reference" href="#copyright" id="id28" name="id28">Copyright</a></li>
306 </ul>
307 </div>
308 <div class="section">
309 <h1><a class="toc-backref" href="#id21" id="reason-for-rejection" name="reason-for-rejection">Reason for rejection</a></h1>
310 <p>Information about Gentoo development is already significantly fragmented.
311 Although this GLEP has its merits, the fact that it is a separate source
312 of information, rather than simply another conduit to existing sources
313 of information, poses more problems than it solves. Were this GLEP to
314 be resubmitted/modified so that finger was nothing more than an interface
315 into existing sources of information, it would probably be accepted.</p>
316 </div>
317 <div class="section">
318 <h1><a class="toc-backref" href="#id22" id="abstract" name="abstract">Abstract</a></h1>
319 <p>The finger protocol is documented in rfc742 <a class="footnote-reference" href="#id11" id="id1" name="id1">[1]</a> and rfc1196 <a class="footnote-reference" href="#id12" id="id2" name="id2">[2]</a>, a simple
320 protocol that returns a human readable report about a particular user
321 of the system. Typically, the information returned will be details such as
322 full name, location, etc. These details are entirely optional and are obtained
323 from the system passwd file, which of course can be edited or removed with the
324 standard chfn(1) <a class="footnote-reference" href="#id13" id="id3" name="id3">[3]</a> command.</p>
325 <p>The finger daemon will also return the contents of three files from the users home
326 directory, should they exist and be readable.</p>
327 <blockquote>
328 <ul class="simple">
329 <li>~/.project - which should contain information about the project currently being worked on.</li>
330 <li>~/.plan - which might contain work being done or a TODO style list.</li>
331 <li>~/.pgpkey - which would contain a PGP/GnuPG <a class="footnote-reference" href="#id14" id="id4" name="id4">[4]</a> public key block.</li>
332 </ul>
333 </blockquote>
334 <p>The finger protocol is mature, secure and widely used in the UNIX community.
335 There are clients available for all major operating systems, and web-based
336 clients for those that dont.</p>
337 </div>
338 <div class="section">
339 <h1><a class="toc-backref" href="#id23" id="motivation" name="motivation">Motivation</a></h1>
340 <p>Gentoo developers are already aware of the importance of User Relations <a class="footnote-reference" href="#id19" id="id5" name="id5">[9]</a> .</p>
341 <p>It is essential to keep the community up to date with current goals, status
342 updates, and information from the development team. Currently it is suggested
343 users track mailing lists, monitor the Gentoo bugzilla, developer IRC
344 channels and cvs commits.</p>
345 <p>While the resources to track developer progress and activity are made
346 available to users, they are not in a form usable to many people. Keeping
347 track of development is a tedious challenge, even for developers. For
348 non-technical users wishing to track the progress of a developer, using
349 mailing lists and bugzilla may not be a practical option.</p>
350 <p>Developers may also need a way to quickly find out the progress or activity of
351 other developers, different time zones sometimes makes it difficult for
352 developers to catch each other on IRC, and making already high-volume mailing
353 lists even more cluttered with status updates is not desirable.</p>
354 <p>A method that would allow individual developers to keep a log of their
355 activities and plans that were instantly accesible to anyone who was
356 interested would be desirable, I propose running a finger daemon on
357 gentoo.org, or dev.gentoo.org and forwarding requests there from gentoo.org.</p>
358 <p>Running a developer finger daemon would improve inter developer communication,
359 user communication and relations, and reduce workload on developers who have to
360 respond to queries from users on project status updates.</p>
361 <p>In the future, it is foreseen that portage will require a cryptographically
362 secure means of verifying ebuilds aquired from an rsync mirror are identical
363 to those checked into the portage tree by a developer <a class="footnote-reference" href="#id20" id="id6" name="id6">[10]</a> . Making developer keys
364 available to users for manually checking the integrity of files, or patches
365 sent to them is important. It has long been known that encouraging the
366 use of gpg among developers is desirable <a class="footnote-reference" href="#id15" id="id7" name="id7">[5]</a> .</p>
367 <p>Should a security vulnerability of a serious nature ever be reported,
368 standard procedure <a class="footnote-reference" href="#id16" id="id8" name="id8">[6]</a> is to inform vendors before releasing the information
369 to full disclosure security discussion lists. Making the relevant maintainer's
370 key easily obtainable will allow reporters to encrypt their reports.</p>
371 </div>
372 <div class="section">
373 <h1><a class="toc-backref" href="#id24" id="rationale" name="rationale">Rationale</a></h1>
374 <p>Providing a finger daemon will allow users to instantly access information on
375 developers, and all details of that developers current projects that they decide
376 to share.</p>
377 <p>GPG keys for all developers will be instantly availble, and the output of the
378 finger <a class="reference" href="mailto:devname&#64;gentoo.org">devname&#64;gentoo.org</a> command can be piped into gpg --import to instantly
379 add it to the users keyring.</p>
380 <p>The following projects use finger for user-developer communications,:</p>
381 <pre class="literal-block">
382 Latest kernel releases, and developer information.
383 $ finger &#64;kernel.org
384
385 Developers and organisers are encouraged to keep .plans about their
386 activity.
387 $ finger nugget&#64;distributed.net
388
389 Latest NASA news, and information from engineers.
390 $ finger nasanews&#64;space.mit.edu
391
392 Slackware developers.
393 $ finger volkerdi&#64;slackware.com
394
395 FreeBSD developers.
396 $ finger nakai&#64;freebsd.org
397 </pre>
398 </div>
399 <div class="section">
400 <h1><a class="toc-backref" href="#id25" id="implementation-and-security" name="implementation-and-security">Implementation and Security</a></h1>
401 <p>Some admins are concerned about the security of running a finger daemon on their
402 machines, the class of security issues involved with the finger protocol are
403 commonly referred to as &quot;information leaks&quot; <a class="footnote-reference" href="#id17" id="id9" name="id9">[7]</a>.</p>
404 <p>This means an attacker may be able to use a finger daemon to identify valid
405 accounts on their target, which they would then try to obtain access to.</p>
406 <p>This scenario does not apply to this implementation, as the gentoo developer
407 names are already well publicised. <a class="footnote-reference" href="#id18" id="id10" name="id10">[8]</a></p>
408 <p>No security issues have ever been reported with the fingerd available in gentoo
409 portage. Finger is used worldwide by universities, unix systems, and development
410 projects.</p>
411 <p>Adding dummy users, will be trivial and allow projects such as gentoo-docs,
412 gentoo-alpha, gentoo-ppc, etc to maintain .plans and .projects. This will allow
413 the projects to maintain more technical details or status updates not suitable
414 for their project webpages.</p>
415 <p>Adding data to a plan is a lot simpler than updating webpages.</p>
416 </div>
417 <div class="section">
418 <h1><a class="toc-backref" href="#id26" id="example-query" name="example-query">Example Query</a></h1>
419 <p>Should a user want information about the author, this might be the output of
420 a finger query:</p>
421 <pre class="literal-block">
422 $ finger taviso&#64;gentoo.org
423 Login: taviso Name: Tavis Ormandy
424 Directory: /home/taviso Shell: /bin/bash
425 Last login: dd-mmm-yyyy
426 Mail last read dd-mmm-yyy
427 Project:
428
429 Currently working on implementing XXX, and porting XXX to XXX.
430
431 Plan:
432
433 dd-mmm-yyyy
434
435 Investigating bug #12345, testing patch provided in #12236
436
437 Write documentation for new features in XXX.
438
439 dd-mmm-yyyy
440
441 Contact acmesoft regarding license for xxx in portage.
442
443 PGP Key:
444
445 -----BEGIN PGP PUBLIC KEY BLOCK-----
446 Version: GnuPG v1.2.1 (Linux)
447 (...)
448 -----END PGP PUBLIC KEY BLOCK-----
449 </pre>
450 </div>
451 <div class="section">
452 <h1><a class="toc-backref" href="#id27" id="references" name="references">References</a></h1>
453 <table class="docutils footnote" frame="void" id="id11" rules="none">
454 <colgroup><col class="label" /><col /></colgroup>
455 <tbody valign="top">
456 <tr><td class="label"><a class="fn-backref" href="#id1" name="id11">[1]</a></td><td><a class="reference" href="http://www.ietf.org/rfc/rfc0742.txt">http://www.ietf.org/rfc/rfc0742.txt</a></td></tr>
457 </tbody>
458 </table>
459 <table class="docutils footnote" frame="void" id="id12" rules="none">
460 <colgroup><col class="label" /><col /></colgroup>
461 <tbody valign="top">
462 <tr><td class="label"><a class="fn-backref" href="#id2" name="id12">[2]</a></td><td><a class="reference" href="http://www.ietf.org/rfc/rfc1196.txt">http://www.ietf.org/rfc/rfc1196.txt</a></td></tr>
463 </tbody>
464 </table>
465 <table class="docutils footnote" frame="void" id="id13" rules="none">
466 <colgroup><col class="label" /><col /></colgroup>
467 <tbody valign="top">
468 <tr><td class="label"><a class="fn-backref" href="#id3" name="id13">[3]</a></td><td><a class="reference" href="http://www.gentoo.org/dyn/pkgs/sys-apps/shadow.xml">http://www.gentoo.org/dyn/pkgs/sys-apps/shadow.xml</a></td></tr>
469 </tbody>
470 </table>
471 <table class="docutils footnote" frame="void" id="id14" rules="none">
472 <colgroup><col class="label" /><col /></colgroup>
473 <tbody valign="top">
474 <tr><td class="label"><a class="fn-backref" href="#id4" name="id14">[4]</a></td><td><a class="reference" href="http://www.gnupg.org">http://www.gnupg.org</a></td></tr>
475 </tbody>
476 </table>
477 <table class="docutils footnote" frame="void" id="id15" rules="none">
478 <colgroup><col class="label" /><col /></colgroup>
479 <tbody valign="top">
480 <tr><td class="label"><a class="fn-backref" href="#id7" name="id15">[5]</a></td><td>&lt;<a class="reference" href="mailto:20030629040521.4316b135.seemant&#64;gentoo.org">20030629040521.4316b135.seemant&#64;gentoo.org</a>&gt;</td></tr>
481 </tbody>
482 </table>
483 <table class="docutils footnote" frame="void" id="id16" rules="none">
484 <colgroup><col class="label" /><col /></colgroup>
485 <tbody valign="top">
486 <tr><td class="label"><a class="fn-backref" href="#id8" name="id16">[6]</a></td><td><a class="reference" href="http://www.oisafety.org/process.html">http://www.oisafety.org/process.html</a></td></tr>
487 </tbody>
488 </table>
489 <table class="docutils footnote" frame="void" id="id17" rules="none">
490 <colgroup><col class="label" /><col /></colgroup>
491 <tbody valign="top">
492 <tr><td class="label"><a class="fn-backref" href="#id9" name="id17">[7]</a></td><td><a class="reference" href="http://search.linuxsecurity.com/cgi-bin/htsearch?words=information%20leak">http://search.linuxsecurity.com/cgi-bin/htsearch?words=information%20leak</a></td></tr>
493 </tbody>
494 </table>
495 <table class="docutils footnote" frame="void" id="id18" rules="none">
496 <colgroup><col class="label" /><col /></colgroup>
497 <tbody valign="top">
498 <tr><td class="label"><a class="fn-backref" href="#id10" name="id18">[8]</a></td><td><a class="reference" href="http://www.gentoo.org/main/en/devlist.xml">http://www.gentoo.org/main/en/devlist.xml</a></td></tr>
499 </tbody>
500 </table>
501 <table class="docutils footnote" frame="void" id="id19" rules="none">
502 <colgroup><col class="label" /><col /></colgroup>
503 <tbody valign="top">
504 <tr><td class="label"><a class="fn-backref" href="#id5" name="id19">[9]</a></td><td><a class="reference" href="http://www.gentoo.org/proj/en/devrel/user-relations.xml">http://www.gentoo.org/proj/en/devrel/user-relations.xml</a></td></tr>
505 </tbody>
506 </table>
507 <table class="docutils footnote" frame="void" id="id20" rules="none">
508 <colgroup><col class="label" /><col /></colgroup>
509 <tbody valign="top">
510 <tr><td class="label"><a class="fn-backref" href="#id6" name="id20">[10]</a></td><td><a class="reference" href="http://www.gentoo.org/news/en/gwn/20030407-newsletter.xml">http://www.gentoo.org/news/en/gwn/20030407-newsletter.xml</a></td></tr>
511 </tbody>
512 </table>
513 </div>
514 <div class="section">
515 <h1><a class="toc-backref" href="#id28" id="copyright" name="copyright">Copyright</a></h1>
516 <p>This document is released under the Open Publications License.</p>
517 </div>
518
519 </div>
520 <div class="footer">
521 <hr class="footer" />
522 <a class="reference" href="glep-0012.txt">View document source</a>.
523 Generated on: 2006-10-10 20:23 UTC.
524 Generated by <a class="reference" href="http://docutils.sourceforge.net/">Docutils</a> from <a class="reference" href="http://docutils.sourceforge.net/rst.html">reStructuredText</a> source.
525
526 </div>
527 </body>
528 </html>

  ViewVC Help
Powered by ViewVC 1.1.20