Vers 1.8.3 - 9 Jun 94

SFINGERD:

   sfingerd is a secure replacement for the standard
   unix finger daemon. The goal is to have the smallest and safest
   code.

   History
   -------
   I removed ``fingerd'' from my host when I discovered that 
   giving away information such as last login, account names, etc.
   to the world could be potential security threats.

   However, the ability to finger user@host.domain is useful
   for getting information about email, project, pgp keys, and so on.
   So I searched for a finger daemon that could be customized in order
   to reduce such risks. GNU fingerd looked perfect, but it was *huge*
   and I wasn't even sure it did what I wanted; that is, only distribute
   static files to the world and no real time information about my host.

   Availability, disclaimer, etc.
   --------------------------------
   So I wrote ``sfingerd.'' I use it locally and you are encouraged to
   use it as well. I will gladly accept comments, suggestions, and bug (hah!) 
   reports.
  
   I can't promise it's 100% safe; however, I did my best.  I hope the source
   is easy enough to understand such that if you spot any possible problems
   you can let me know ASAP and I'll fix any glaring errors immediately.
   (It is now out and running here for monthes, no problem, so I am now
    almost sure it *is* 100% safe)

   *Warning* read the instructions in sfingerd.c carefully. A badly
   configured ``sfingerd'' can be UNSAFE.

   Please check the source before running it. Get the latest version
   from ftp://hplyot.obspm.fr/net/sfingerd*.tar.gz

   It is a GNU like free software.
   The source code is written by me, Laurent Demailly,
   It comes AS IS - no warranty, etc.
                                       <dl@hplyot.obspm.fr>

   Installation
   ------------
    o Carefully read and edit sfingerd.c,
    o make, edit the 'make-files' script, run it, change the inetd.conf to use
      the new daemon, test it, check syslog... sample inetd entry :
finger       stream tcp nowait root /usr/local/etc/fingerd  fingerd
      DON'T FORGET to put ROOT ^^^^, because it needs it for chroot() call
      and it later changes it uid to a non priviledged one.
    o Tell your users to adjust $CHROOT_PATH/<username> to their needs. Or
      use the 'update-files' script regulary, it scans the static files built
      by make-files and update them if the ~user/.plan changed...

   Enjoy ! 
   dl

Thx to ScottM & Omnion for proof reading.

Note 1  - ``sfingerd'' distribution now includes PGP signed md5 CHECKSUMS.
Note 2  - read the file CHANGES to get information about new features.
