Contents of /xml/htdocs/proj/en/glep/glep-0012.html

Parent Directory Parent Directory | Revision Log Revision Log

Revision 1.2 - (hide annotations) (download) (as text)
Sat Jan 31 21:56:55 2004 UTC (15 years, 1 month ago) by g2boojum
Branch: MAIN
Changes since 1.1: +26 -16 lines
File MIME type: text/html
Minor fixes

1 g2boojum 1.1 <?xml version="1.0" encoding="utf-8" ?>
2     <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
3     <html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
4     <!--
5     This HTML is auto-generated. DO NOT EDIT THIS FILE! If you are writing a new
6     PEP, see http://www.python.org/peps/pep-0001.html for instructions and links
8     -->
9     <head>
10     <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
11     <meta name="generator" content="Docutils 0.3.0: http://docutils.sourceforge.net/" />
12     <title>GLEP 12 -- Gentoo.org Finger Daemon</title>
13     <link rel="stylesheet" href="tools/glep.css" type="text/css" />
14     </head>
15     <body bgcolor="white">
16     <table class="navigation" cellpadding="0" cellspacing="0"
17     width="100%" border="0">
18     <tr><td class="navicon" width="150" height="35">
19     <a href="http://www.gentoo.org/" title="Gentoo Linux Home Page">
20     <img src="http://www.gentoo.org/images/gentoo-new.gif" alt="[Gentoo]"
21     border="0" width="150" height="35" /></a></td>
22     <td class="textlinks" align="left">
23     [<b><a href="http://www.gentoo.org/">Gentoo Linux Home</a></b>]
24     [<b><a href="http://www.gentoo.org/proj/en/glep">GLEP Index</a></b>]
25     [<b><a href="http://www.gentoo.org/proj/en/glep/glep-0012.txt">GLEP Source</a></b>]
26     </td></tr></table>
27     <div class="document">
28     <table class="rfc2822 field-list" frame="void" rules="none">
29     <col class="field-name" />
30     <col class="field-body" />
31     <tbody valign="top">
32     <tr class="field"><th class="field-name">GLEP:</th><td class="field-body">12</td>
33     </tr>
34     <tr class="field"><th class="field-name">Title:</th><td class="field-body">Gentoo.org Finger Daemon</td>
35     </tr>
36     <tr class="field"><th class="field-name">Version:</th><td class="field-body">1.1</td>
37     </tr>
38     <tr class="field"><th class="field-name">Last-Modified:</th><td class="field-body"><a class="reference" href="http://www.gentoo.org/cgi-bin/viewcvs.cgi/xml/htdocs/proj/en/glep/glep-0012.txt?cvsroot=gentoo">2003/08/11 14:32:44</a></td>
39     </tr>
40     <tr class="field"><th class="field-name">Author:</th><td class="field-body">Tavis Ormandy &lt;taviso&#32;&#97;t&#32;gentoo.org&gt;</td>
41     </tr>
42 g2boojum 1.2 <tr class="field"><th class="field-name">Status:</th><td class="field-body">Rejected</td>
43 g2boojum 1.1 </tr>
44     <tr class="field"><th class="field-name">Type:</th><td class="field-body">Standards Track</td>
45     </tr>
46     <tr class="field"><th class="field-name">Created:</th><td class="field-body">10-Aug-2003</td>
47     </tr>
48     <tr class="field"><th class="field-name">Post-History:</th><td class="field-body">11-Aug-2003</td>
49     </tr>
50     </tbody>
51     </table>
52     <hr />
53     <div class="contents topic" id="contents">
54     <p class="topic-title"><a name="contents">Contents</a></p>
55     <ul class="simple">
56 g2boojum 1.2 <li><a class="reference" href="#reason-for-rejection" id="id21" name="id21">Reason for rejection</a></li>
57     <li><a class="reference" href="#abstract" id="id22" name="id22">Abstract</a></li>
58     <li><a class="reference" href="#motivation" id="id23" name="id23">Motivation</a></li>
59     <li><a class="reference" href="#rationale" id="id24" name="id24">Rationale</a></li>
60     <li><a class="reference" href="#implementation-and-security" id="id25" name="id25">Implementation and Security</a></li>
61     <li><a class="reference" href="#example-query" id="id26" name="id26">Example Query</a></li>
62     <li><a class="reference" href="#references" id="id27" name="id27">References</a></li>
63     <li><a class="reference" href="#copyright" id="id28" name="id28">Copyright</a></li>
64 g2boojum 1.1 </ul>
65     </div>
66 g2boojum 1.2 <div class="section" id="reason-for-rejection">
67     <h1><a class="toc-backref" href="#id21" name="reason-for-rejection">Reason for rejection</a></h1>
68     <p>Information about Gentoo development is already significantly fragmented.
69     Although this GLEP has its merits, the fact that it is a separate source
70     of information, rather than simply another conduit to existing sources
71     of information, poses more problems than it solves. Were this GLEP to
72     be resubmitted/modified so that finger was nothing more than an interface
73     into existing sources of information, it would probably be accepted.</p>
74     </div>
75 g2boojum 1.1 <div class="section" id="abstract">
76 g2boojum 1.2 <h1><a class="toc-backref" href="#id22" name="abstract">Abstract</a></h1>
77 g2boojum 1.1 <p>The finger protocol is documented in rfc742 <a class="footnote-reference" href="#id11" id="id1" name="id1">[1]</a> and rfc1196 <a class="footnote-reference" href="#id12" id="id2" name="id2">[2]</a>, a simple
78     protocol that returns a human readable report about a particular user
79     of the system. Typically, the information returned will be details such as
80     full name, location, etc. These details are entirely optional and are obtained
81     from the system passwd file, which of course can be edited or removed with the
82     standard chfn(1) <a class="footnote-reference" href="#id13" id="id3" name="id3">[3]</a> command.</p>
83     <p>The finger daemon will also return the contents of three files from the users home
84     directory, should they exist and be readable.</p>
85     <blockquote>
86     <ul class="simple">
87     <li>~/.project - which should contain information about the project currently being worked on.</li>
88     <li>~/.plan - which might contain work being done or a TODO style list.</li>
89     <li>~/.pgpkey - which would contain a PGP/GnuPG <a class="footnote-reference" href="#id14" id="id4" name="id4">[4]</a> public key block.</li>
90     </ul>
91     </blockquote>
92     <p>The finger protocol is mature, secure and widely used in the UNIX community.
93     There are clients available for all major operating systems, and web-based
94     clients for those that dont.</p>
95     </div>
96     <div class="section" id="motivation">
97 g2boojum 1.2 <h1><a class="toc-backref" href="#id23" name="motivation">Motivation</a></h1>
98 g2boojum 1.1 <p>Gentoo developers are already aware of the importance of User Relations <a class="footnote-reference" href="#id19" id="id5" name="id5">[9]</a> .</p>
99     <p>It is essential to keep the community up to date with current goals, status
100     updates, and information from the development team. Currently it is suggested
101     users track mailing lists, monitor the Gentoo bugzilla, developer IRC
102     channels and cvs commits.</p>
103     <p>While the resources to track developer progress and activity are made
104     available to users, they are not in a form usable to many people. Keeping
105     track of development is a tedious challenge, even for developers. For
106     non-technical users wishing to track the progress of a developer, using
107     mailing lists and bugzilla may not be a practical option.</p>
108     <p>Developers may also need a way to quickly find out the progress or activity of
109     other developers, different time zones sometimes makes it difficult for
110     developers to catch each other on IRC, and making already high-volume mailing
111     lists even more cluttered with status updates is not desirable.</p>
112     <p>A method that would allow individual developers to keep a log of their
113     activities and plans that were instantly accesible to anyone who was
114     interested would be desirable, I propose running a finger daemon on
115     gentoo.org, or dev.gentoo.org and forwarding requests there from gentoo.org.</p>
116     <p>Running a developer finger daemon would improve inter developer communication,
117     user communication and relations, and reduce workload on developers who have to
118     respond to queries from users on project status updates.</p>
119     <p>In the future, it is foreseen that portage will require a cryptographically
120     secure means of verifying ebuilds aquired from an rsync mirror are identical
121     to those checked into the portage tree by a developer <a class="footnote-reference" href="#id20" id="id6" name="id6">[10]</a> . Making developer keys
122     available to users for manually checking the integrity of files, or patches
123     sent to them is important. It has long been known that encouraging the
124     use of gpg among developers is desirable <a class="footnote-reference" href="#id15" id="id7" name="id7">[5]</a> .</p>
125     <p>Should a security vulnerability of a serious nature ever be reported,
126     standard procedure <a class="footnote-reference" href="#id16" id="id8" name="id8">[6]</a> is to inform vendors before releasing the information
127     to full disclosure security discussion lists. Making the relevant maintainer's
128     key easily obtainable will allow reporters to encrypt their reports.</p>
129     </div>
130     <div class="section" id="rationale">
131 g2boojum 1.2 <h1><a class="toc-backref" href="#id24" name="rationale">Rationale</a></h1>
132 g2boojum 1.1 <p>Providing a finger daemon will allow users to instantly access information on
133     developers, and all details of that developers current projects that they decide
134     to share.</p>
135     <p>GPG keys for all developers will be instantly availble, and the output of the
136     finger <a class="reference" href="mailto:devname&#64;gentoo.org">devname&#64;gentoo.org</a> command can be piped into gpg --import to instantly
137     add it to the users keyring.</p>
138     <p>The following projects use finger for user-developer communications,:</p>
139     <pre class="literal-block">
140     Latest kernel releases, and developer information.
141     $ finger &#64;kernel.org
143     Developers and organisers are encouraged to keep .plans about their
144     activity.
145     $ finger nugget&#64;distributed.net
147     Latest NASA news, and information from engineers.
148     $ finger nasanews&#64;space.mit.edu
150     Slackware developers.
151     $ finger volkerdi&#64;slackware.com
153     FreeBSD developers.
154     $ finger nakai&#64;freebsd.org
155     </pre>
156     </div>
157     <div class="section" id="implementation-and-security">
158 g2boojum 1.2 <h1><a class="toc-backref" href="#id25" name="implementation-and-security">Implementation and Security</a></h1>
159 g2boojum 1.1 <p>Some admins are concerned about the security of running a finger daemon on their
160     machines, the class of security issues involved with the finger protocol are
161     commonly referred to as &quot;information leaks&quot; <a class="footnote-reference" href="#id17" id="id9" name="id9">[7]</a>.</p>
162     <p>This means an attacker may be able to use a finger daemon to identify valid
163     accounts on their target, which they would then try to obtain access to.</p>
164     <p>This scenario does not apply to this implementation, as the gentoo developer
165     names are already well publicised. <a class="footnote-reference" href="#id18" id="id10" name="id10">[8]</a></p>
166     <p>No security issues have ever been reported with the fingerd available in gentoo
167     portage. Finger is used worldwide by universities, unix systems, and development
168     projects.</p>
169     <p>Adding dummy users, will be trivial and allow projects such as gentoo-docs,
170     gentoo-alpha, gentoo-ppc, etc to maintain .plans and .projects. This will allow
171     the projects to maintain more technical details or status updates not suitable
172     for their project webpages.</p>
173     <p>Adding data to a plan is a lot simpler than updating webpages.</p>
174     </div>
175     <div class="section" id="example-query">
176 g2boojum 1.2 <h1><a class="toc-backref" href="#id26" name="example-query">Example Query</a></h1>
177 g2boojum 1.1 <p>Should a user want information about the author, this might be the output of
178     a finger query:</p>
179     <pre class="literal-block">
180     $ finger taviso&#64;gentoo.org
181     Login: taviso Name: Tavis Ormandy
182     Directory: /home/taviso Shell: /bin/bash
183     Last login: dd-mmm-yyyy
184     Mail last read dd-mmm-yyy
185     Project:
187     Currently working on implementing XXX, and porting XXX to XXX.
189     Plan:
191     dd-mmm-yyyy
193     Investigating bug #12345, testing patch provided in #12236
195     Write documentation for new features in XXX.
197     dd-mmm-yyyy
199     Contact acmesoft regarding license for xxx in portage.
201     PGP Key:
203     -----BEGIN PGP PUBLIC KEY BLOCK-----
204     Version: GnuPG v1.2.1 (Linux)
205     (...)
206     -----END PGP PUBLIC KEY BLOCK-----
207     </pre>
208     </div>
209     <div class="section" id="references">
210 g2boojum 1.2 <h1><a class="toc-backref" href="#id27" name="references">References</a></h1>
211 g2boojum 1.1 <table class="footnote" frame="void" id="id11" rules="none">
212     <colgroup><col class="label" /><col /></colgroup>
213     <tbody valign="top">
214     <tr><td class="label"><a class="fn-backref" href="#id1" name="id11">[1]</a></td><td><a class="reference" href="http://www.ietf.org/rfc/rfc0742.txt">http://www.ietf.org/rfc/rfc0742.txt</a></td></tr>
215     </tbody>
216     </table>
217     <table class="footnote" frame="void" id="id12" rules="none">
218     <colgroup><col class="label" /><col /></colgroup>
219     <tbody valign="top">
220     <tr><td class="label"><a class="fn-backref" href="#id2" name="id12">[2]</a></td><td><a class="reference" href="http://www.ietf.org/rfc/rfc1196.txt">http://www.ietf.org/rfc/rfc1196.txt</a></td></tr>
221     </tbody>
222     </table>
223     <table class="footnote" frame="void" id="id13" rules="none">
224     <colgroup><col class="label" /><col /></colgroup>
225     <tbody valign="top">
226     <tr><td class="label"><a class="fn-backref" href="#id3" name="id13">[3]</a></td><td><a class="reference" href="http://www.gentoo.org/dyn/pkgs/sys-apps/shadow.xml">http://www.gentoo.org/dyn/pkgs/sys-apps/shadow.xml</a></td></tr>
227     </tbody>
228     </table>
229     <table class="footnote" frame="void" id="id14" rules="none">
230     <colgroup><col class="label" /><col /></colgroup>
231     <tbody valign="top">
232     <tr><td class="label"><a class="fn-backref" href="#id4" name="id14">[4]</a></td><td><a class="reference" href="http://www.gnupg.org">http://www.gnupg.org</a></td></tr>
233     </tbody>
234     </table>
235     <table class="footnote" frame="void" id="id15" rules="none">
236     <colgroup><col class="label" /><col /></colgroup>
237     <tbody valign="top">
238     <tr><td class="label"><a class="fn-backref" href="#id7" name="id15">[5]</a></td><td>&lt;<a class="reference" href="mailto:20030629040521.4316b135.seemant&#64;gentoo.org">20030629040521.4316b135.seemant&#64;gentoo.org</a>&gt;</td></tr>
239     </tbody>
240     </table>
241     <table class="footnote" frame="void" id="id16" rules="none">
242     <colgroup><col class="label" /><col /></colgroup>
243     <tbody valign="top">
244     <tr><td class="label"><a class="fn-backref" href="#id8" name="id16">[6]</a></td><td><a class="reference" href="http://www.oisafety.org/process.html">http://www.oisafety.org/process.html</a></td></tr>
245     </tbody>
246     </table>
247     <table class="footnote" frame="void" id="id17" rules="none">
248     <colgroup><col class="label" /><col /></colgroup>
249     <tbody valign="top">
250     <tr><td class="label"><a class="fn-backref" href="#id9" name="id17">[7]</a></td><td><a class="reference" href="http://search.linuxsecurity.com/cgi-bin/htsearch?words=information%20leak">http://search.linuxsecurity.com/cgi-bin/htsearch?words=information%20leak</a></td></tr>
251     </tbody>
252     </table>
253     <table class="footnote" frame="void" id="id18" rules="none">
254     <colgroup><col class="label" /><col /></colgroup>
255     <tbody valign="top">
256     <tr><td class="label"><a class="fn-backref" href="#id10" name="id18">[8]</a></td><td><a class="reference" href="http://www.gentoo.org/main/en/devlist.xml">http://www.gentoo.org/main/en/devlist.xml</a></td></tr>
257     </tbody>
258     </table>
259     <table class="footnote" frame="void" id="id19" rules="none">
260     <colgroup><col class="label" /><col /></colgroup>
261     <tbody valign="top">
262     <tr><td class="label"><a class="fn-backref" href="#id5" name="id19">[9]</a></td><td><a class="reference" href="http://www.gentoo.org/proj/en/devrel/user-relations.xml">http://www.gentoo.org/proj/en/devrel/user-relations.xml</a></td></tr>
263     </tbody>
264     </table>
265     <table class="footnote" frame="void" id="id20" rules="none">
266     <colgroup><col class="label" /><col /></colgroup>
267     <tbody valign="top">
268     <tr><td class="label"><a class="fn-backref" href="#id6" name="id20">[10]</a></td><td><a class="reference" href="http://www.gentoo.org/news/en/gwn/20030407-newsletter.xml">http://www.gentoo.org/news/en/gwn/20030407-newsletter.xml</a></td></tr>
269     </tbody>
270     </table>
271     </div>
272     <div class="section" id="copyright">
273 g2boojum 1.2 <h1><a class="toc-backref" href="#id28" name="copyright">Copyright</a></h1>
274 g2boojum 1.1 <p>This document is released under the Open Publications License.</p>
275     </div>
276     </div>
278     <hr class="footer"/>
279     <div class="footer">
280     <a class="reference" href="glep-0012.txt">View document source</a>.
281 g2boojum 1.2 Generated on: 2004-01-31 21:54 UTC.
282 g2boojum 1.1 Generated by <a class="reference" href="http://docutils.sourceforge.net/">Docutils</a> from <a class="reference" href="http://docutils.sourceforge.net/rst.html">reStructuredText</a> source.
283     </div>
284     </body>
285     </html>

  ViewVC Help
Powered by ViewVC 1.1.20