sysrc (awk) bug
Eugene Grosbein
eugen at grosbein.net
Sun May 30 13:43:17 UTC 2021
30.05.2021 11:36, Fas Xmut via freebsd-security wrote:
> I don't know if it is a security bug or not. When I use sysrc today, the error operations emptied my /etc/rc.conf, that's a small disaster, because my /etc/rc.conf is updated day by day, but now, it is empty.
>
> First, change your default root shell to sh/ksh or their derived shell. (I have tested, csh will not trigger that bug).
>
> Second, backup /etc/rc.conf to any other place.
>
> Then do the following commands:
>
> ------------------------------------------------------------------------
> # sysrc something_enable="NO"
> # sysrc something_enable="YES
>> "
> awk: newline in string YES
> ... at source line 1
> something_enable: NO -> YES
> ------------------------------------------------------------------------
>
> Now see what is inside /etc/rc.conf ? Everything is empty! only one thing in it:
>
> ------------------------------------------------------------------------
> something_enable="YES
> "
> ------------------------------------------------------------------------
What is your FreeBSD version?
More information about the freebsd-security
mailing list