conf/124569: inadequate regular expression in
/etc/periodic/security/800.loginfail
Taku
taku at tekipaki.jp
Sat Jun 14 08:10:07 UTC 2008
>Number: 124569
>Category: conf
>Synopsis: inadequate regular expression in /etc/periodic/security/800.loginfail
>Confidential: no
>Severity: non-critical
>Priority: low
>Responsible: freebsd-bugs
>State: open
>Quarter:
>Keywords:
>Date-Required:
>Class: sw-bug
>Submitter-Id: current-users
>Arrival-Date: Sat Jun 14 08:10:07 UTC 2008
>Closed-Date:
>Last-Modified:
>Originator: Taku
>Release: FreeBSD 7.0-RELEASE i386
>Organization:
>Environment:
FreeBSD FreeBSD7 7.0-RELEASE FreeBSD 7.0-RELEASE #0: Sun Feb 24 19:59:52 UTC 2008 root at logan.cse.buffalo.edu:/usr/obj/usr/src/sys/GENERIC i386
>Description:
The regular expression in line 62 of /etc/periodic/security/800.loginfail is inadequate.
It doesn't match (fail|invalid|bad|illegal) at the head of message because unnecessary space exists.
>How-To-Repeat:
>Fix:
--- /etc/periodic/security/800.loginfail.orig 2008-02-25 02:53:19.000000000 +0900
+++ /etc/periodic/security/800.loginfail 2008-06-15 01:34:57.000000000 +0900
@@ -59,7 +59,7 @@
[Yy][Ee][Ss])
echo ""
echo "${host} login failures:"
- n=$(catmsgs | egrep -ia "^$yesterday.*: .* (fail|invalid|bad|illegal)" |
+ n=$(catmsgs | egrep -ia "^$yesterday.*: .*(fail|invalid|bad|illegal)" |
tee /dev/stderr | wc -l)
[ $n -gt 0 ] && rc=1 || rc=0;;
*) rc=0;;
>Release-Note:
>Audit-Trail:
>Unformatted:
More information about the freebsd-bugs
mailing list