sysrc (awk) bug
Fas Xmut
fasxmut at protonmail.com
Mon May 31 02:01:40 UTC 2021
13.0-Release
Sent with ProtonMail Secure Email.
‐‐‐‐‐‐‐ Original Message ‐‐‐‐‐‐‐
On Sunday, May 30, 2021 1:43 PM, Eugene Grosbein <eugen at grosbein.net> wrote:
> 30.05.2021 11:36, Fas Xmut via freebsd-security wrote:
>
> > I don't know if it is a security bug or not. When I use sysrc today, the error operations emptied my /etc/rc.conf, that's a small disaster, because my /etc/rc.conf is updated day by day, but now, it is empty.
> > First, change your default root shell to sh/ksh or their derived shell. (I have tested, csh will not trigger that bug).
> > Second, backup /etc/rc.conf to any other place.
> > Then do the following commands:
> >
> > sysrc something_enable="NO"
> >
> > ============================
> >
> > sysrc something_enable="YES
> >
> > ============================
> >
> > > "
> > > awk: newline in string YES
> > > ... at source line 1
> > > something_enable: NO -> YES
> >
> > Now see what is inside /etc/rc.conf ? Everything is empty! only one thing in it:
> >
> > something_enable="YES
> > "
> >
> > ------------------------
>
> What is your FreeBSD version?
More information about the freebsd-security
mailing list