Date:      Thu, 12 Apr 2001 22:27:21 -0700 (PDT)
From:      duwde@duwde.com.br
To:        freebsd-gnats-submit@FreeBSD.org
Subject:   misc/26529: /etc/security in 4.x-stable needs a little FIX !
Message-ID:  <200104130527.f3D5RLB27430@freefall.freebsd.org>


>Number:         26529
>Category:       misc
>Synopsis:       /etc/security in 4.x-stable needs a little FIX !
>Confidential:   no
>Severity:       non-critical
>Priority:       medium
>Responsible:    freebsd-bugs
>State:          open
>Quarter:        
>Keywords:       
>Date-Required:
>Class:          sw-bug
>Submitter-Id:   current-users
>Arrival-Date:   Thu Apr 12 22:30:00 PDT 2001
>Closed-Date:
>Last-Modified:
>Originator:     Fabio Vilan Dias
>Release:        4.x-stable LATEST as of Apr/13/2001
>Organization:
Isec Information Security Ltda
>Environment:
bash-2.04$ uname -a
FreeBSD mobile.x.gov 4.3-RC FreeBSD 4.3-RC #26: Wed Apr 11 01:37:47 BRT 2001     duwde@mobile.x.gov:/usr/obj/usr/src/sys/MOBILE  i386

>Description:
As we can see in /usr/src/contrib/bind/CHANGES line 495
there was a little change in the logging method since 
BIND 8.2.3-T1A, thus affecting all new versions. 
(8.2.3-REL is the 4.x-stable version)

-- line 495 /usr/src/contrib/bind/CHANGES
 940.   [clarity]       unapproved -> denied in log messages.
--

/etc/security greps for "unapproved AXFR from" and the new BIND
logging method is "denied AXFR from", no big deal.

So no denied AXFRs are being included in the security report.
>How-To-Repeat:
Run periodic daily. No denied AXFR will be included,
as the wrong grep is being used.
>Fix:
1 line patch, no big deal.
----------------------------------------------------------------------------
*** security.old        Wed Apr 11 02:00:06 2001
--- security    Wed Apr 11 02:00:26 2001
***************
*** 201,207 ****
  #
  separator
  echo "$host checking for denied secondary zone transfers:"
! n=$(catmsgs | grep -i "unapproved AXFR from" | tee /dev/stderr | wc
-l)
  [ $n -gt 0 -a $rc -lt 1 ] && rc=1
  
  rm -f ${TMP}
--- 201,207 ----
  #
  separator
  echo "$host checking for denied secondary zone transfers:"
! n=$(catmsgs | grep -i "denied AXFR from" | tee /dev/stderr | wc -l)
  [ $n -gt 0 -a $rc -lt 1 ] && rc=1
  
  rm -f ${TMP}
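
Review bot: the changed line in the 201-207 hunk (the `n=$(catmsgs | grep -i ...)` assignment) swaps "unapproved AXFR from" for "denied AXFR from" instead of matching both, so a host still running a named older than 8.2.3-T1A would lose its refused-transfer entries from the report in the same silent way this PR describes. Suggest accepting either wording, for example `grep -i -e "denied AXFR from" -e "unapproved AXFR from"`, and adding a comment next to it noting which BIND versions emit which string. Separately, the old-side line is wrapped after `wc` in this mail, so the context diff will not apply as posted; resend it unwrapped or as an attachment.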

----------------------------------------------------------------------------
>Release-Note:
>Audit-Trail:
>Unformatted:
