From owner-freebsd-security@freebsd.org Sun May 30 04:36:56 2021 Return-Path: Delivered-To: freebsd-security@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 7731664DC64 for ; Sun, 30 May 2021 04:36:56 +0000 (UTC) (envelope-from fasxmut@protonmail.com) Received: from mail-40130.protonmail.ch (mail-40130.protonmail.ch [185.70.40.130]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "protonmail.com", Issuer "SwissSign Server Gold CA 2014 - G22" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4Ft5HB6SzNz3Pg6 for ; Sun, 30 May 2021 04:36:54 +0000 (UTC) (envelope-from fasxmut@protonmail.com) Date: Sun, 30 May 2021 04:36:45 +0000 To: "freebsd-security@freebsd.org" From: Fas Xmut Reply-To: Fas Xmut Subject: sysrc (awk) bug Message-ID: <0J-hkv9PO-ZfjHO2kiEVatVRNdz0xTZ8pDMOvPreE53RFRsgyWHnU0U1IPO-mxNmswiB5KyGgO067-gLMA0PfW4Py3bBYllvQCBMTc2T8QE=@protonmail.com> MIME-Version: 1.0 X-Spam-Status: No, score=-1.2 required=10.0 tests=ALL_TRUSTED,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,FREEMAIL_FROM,HTML_MESSAGE shortcircuit=no autolearn=disabled version=3.4.4 X-Spam-Checker-Version: SpamAssassin 3.4.4 (2020-01-24) on mailout.protonmail.ch X-Rspamd-Queue-Id: 4Ft5HB6SzNz3Pg6 X-Spamd-Bar: -- X-Spamd-Result: default: False [-2.90 / 15.00]; HAS_REPLYTO(0.00)[fasxmut@protonmail.com]; FREEMAIL_FROM(0.00)[protonmail.com]; R_SPF_ALLOW(-0.20)[+ip4:185.70.40.0/24]; MIME_BASE64_TEXT_BOGUS(1.00)[]; DKIM_TRACE(0.00)[protonmail.com:+]; MIME_BASE64_TEXT(0.10)[]; DMARC_POLICY_ALLOW(-0.50)[protonmail.com,quarantine]; NEURAL_HAM_SHORT(-1.00)[-1.000]; RCVD_COUNT_ZERO(0.00)[0]; FROM_EQ_ENVFROM(0.00)[]; MIME_TRACE(0.00)[0:+,1:+,2:~]; RBL_DBL_DONT_QUERY_IPS(0.00)[185.70.40.130:from]; FREEMAIL_ENVFROM(0.00)[protonmail.com]; ASN(0.00)[asn:62371, ipnet:185.70.40.0/24, country:CH]; MID_RHS_MATCH_FROM(0.00)[]; ARC_NA(0.00)[]; NEURAL_HAM_MEDIUM(-1.00)[-1.000]; R_DKIM_ALLOW(-0.20)[protonmail.com:s=protonmail]; REPLYTO_EQ_FROM(0.00)[]; FROM_HAS_DN(0.00)[]; TO_MATCH_ENVRCPT_ALL(0.00)[]; NEURAL_HAM_LONG(-1.00)[-1.000]; MIME_GOOD(-0.10)[multipart/alternative,text/plain]; FREEMAIL_REPLYTO(0.00)[protonmail.com]; HAS_PHPMAILER_SIG(0.00)[]; RCPT_COUNT_ONE(0.00)[1]; SPAMHAUS_ZRD(0.00)[185.70.40.130:from:127.0.2.255]; RCVD_IN_DNSWL_NONE(0.00)[185.70.40.130:from]; TO_DN_EQ_ADDR_ALL(0.00)[]; RWL_MAILSPIKE_POSSIBLE(0.00)[185.70.40.130:from]; MAILMAN_DEST(0.00)[freebsd-security] Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: base64 X-Content-Filtered-By: Mailman/MimeDel 2.1.34 X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: "Security issues \[members-only posting\]" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 30 May 2021 04:36:56 -0000 SSBkb24ndCBrbm93IGlmIGl0IGlzIGEgc2VjdXJpdHkgYnVnIG9yIG5vdC4gV2hlbiBJIHVzZSBz eXNyYyB0b2RheSwgdGhlIGVycm9yIG9wZXJhdGlvbnMgZW1wdGllZCBteSAvZXRjL3JjLmNvbmYs IHRoYXQncyBhIHNtYWxsIGRpc2FzdGVyLCBiZWNhdXNlIG15IC9ldGMvcmMuY29uZiBpcyB1cGRh dGVkIGRheSBieSBkYXksIGJ1dCBub3csIGl0IGlzIGVtcHR5LgoKRmlyc3QsIGNoYW5nZSB5b3Vy IGRlZmF1bHQgcm9vdCBzaGVsbCB0byBzaC9rc2ggb3IgdGhlaXIgZGVyaXZlZCBzaGVsbC4gKEkg aGF2ZSB0ZXN0ZWQsIGNzaCB3aWxsIG5vdCB0cmlnZ2VyIHRoYXQgYnVnKS4KClNlY29uZCwgYmFj a3VwIC9ldGMvcmMuY29uZiB0byBhbnkgb3RoZXIgcGxhY2UuCgpUaGVuIGRvIHRoZSBmb2xsb3dp bmcgY29tbWFuZHM6CgotLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0t LS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0KIyBzeXNyYyBzb21ldGhpbmdfZW5hYmxlPSJO TyIKIyBzeXNyYyBzb21ldGhpbmdfZW5hYmxlPSJZRVMKPiAiCmF3azogbmV3bGluZSBpbiBzdHJp bmcgWUVTCi4uLiBhdCBzb3VyY2UgbGluZSAxCnNvbWV0aGluZ19lbmFibGU6IE5PIC0+IFlFUwot LS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0t LS0tLS0tLS0tLS0tLS0KCk5vdyBzZWUgd2hhdCBpcyBpbnNpZGUgL2V0Yy9yYy5jb25mID8gRXZl cnl0aGluZyBpcyBlbXB0eSEgb25seSBvbmUgdGhpbmcgaW4gaXQ6CgotLS0tLS0tLS0tLS0tLS0t LS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0K c29tZXRoaW5nX2VuYWJsZT0iWUVTCiIKLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0t LS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tCgpTZW50IHdpdGggW1Byb3Rv bk1haWxdKGh0dHBzOi8vcHJvdG9ubWFpbC5jb20pIFNlY3VyZSBFbWFpbC4= From owner-freebsd-security@freebsd.org Sat May 29 11:53:59 2021 Return-Path: Delivered-To: freebsd-security@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 2C04463F1A2 for ; Sat, 29 May 2021 11:53:59 +0000 (UTC) (envelope-from fasxmut@protonmail.com) Received: from mail-40130.protonmail.ch (mail-40130.protonmail.ch [185.70.40.130]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "protonmail.com", Issuer "SwissSign Server Gold CA 2014 - G22" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4Fsg1x5rN9z4lQ0 for ; Sat, 29 May 2021 11:53:57 +0000 (UTC) (envelope-from fasxmut@protonmail.com) Date: Sat, 29 May 2021 11:53:45 +0000 To: "freebsd-security@freebsd.org" From: Fas Xmut Reply-To: Fas Xmut Subject: sysrc bug Message-ID: MIME-Version: 1.0 X-Spam-Status: No, score=-1.2 required=10.0 tests=ALL_TRUSTED,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,FREEMAIL_FROM,HTML_MESSAGE shortcircuit=no autolearn=disabled version=3.4.4 X-Spam-Checker-Version: SpamAssassin 3.4.4 (2020-01-24) on mailout.protonmail.ch X-Rspamd-Queue-Id: 4Fsg1x5rN9z4lQ0 X-Spamd-Bar: -- X-Spamd-Result: default: False [-2.63 / 15.00]; HAS_REPLYTO(0.00)[fasxmut@protonmail.com]; FREEMAIL_FROM(0.00)[protonmail.com]; R_SPF_ALLOW(-0.20)[+ip4:185.70.40.0/24]; MIME_BASE64_TEXT_BOGUS(1.00)[]; DKIM_TRACE(0.00)[protonmail.com:+]; MIME_BASE64_TEXT(0.10)[]; DMARC_POLICY_ALLOW(-0.50)[protonmail.com,quarantine]; NEURAL_HAM_SHORT(-0.73)[-0.725]; RCVD_COUNT_ZERO(0.00)[0]; FROM_EQ_ENVFROM(0.00)[]; MIME_TRACE(0.00)[0:+,1:+,2:~]; RBL_DBL_DONT_QUERY_IPS(0.00)[185.70.40.130:from]; FREEMAIL_ENVFROM(0.00)[protonmail.com]; ASN(0.00)[asn:62371, ipnet:185.70.40.0/24, country:CH]; MID_RHS_MATCH_FROM(0.00)[]; ARC_NA(0.00)[]; NEURAL_HAM_MEDIUM(-1.00)[-1.000]; R_DKIM_ALLOW(-0.20)[protonmail.com:s=protonmail]; REPLYTO_EQ_FROM(0.00)[]; FROM_HAS_DN(0.00)[]; TO_MATCH_ENVRCPT_ALL(0.00)[]; NEURAL_HAM_LONG(-1.00)[-1.000]; MIME_GOOD(-0.10)[multipart/alternative,text/plain]; FREEMAIL_REPLYTO(0.00)[protonmail.com]; HAS_PHPMAILER_SIG(0.00)[]; RCPT_COUNT_ONE(0.00)[1]; SPAMHAUS_ZRD(0.00)[185.70.40.130:from:127.0.2.255]; RCVD_IN_DNSWL_NONE(0.00)[185.70.40.130:from]; TO_DN_EQ_ADDR_ALL(0.00)[]; RWL_MAILSPIKE_POSSIBLE(0.00)[185.70.40.130:from]; MAILMAN_DEST(0.00)[freebsd-security] X-Mailman-Approved-At: Sun, 30 May 2021 06:09:59 +0000 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: base64 X-Content-Filtered-By: Mailman/MimeDel 2.1.34 X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: "Security issues \[members-only posting\]" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 29 May 2021 11:53:59 -0000 SSBkb24ndCBrbm93IGlmIGl0IGlzIGEgc2VjdXJpdHkgYnVnIG9yIG5vdC4gV2hlbiBJIHVzZSBz eXNyYyB0b2RheSwgdGhlIGVycm9yIG9wZXJhdGlvbnMgZW1wdGllZCBteSAvZXRjL3JjLmNvbmYs IHRoYXQncyBhIHNtYWxsIGRpc2FzdGVyLCBiZWNhdXNlIG15IC9ldGMvcmMuY29uZiBpcyB1cGRh dGVkIGRheSBieSBkYXksIGJ1dCBub3csIGl0IGlzIGVtcHR5LgoKRmlyc3QsIGNoYW5nZSB5b3Vy IGRlZmF1bHQgcm9vdCBzaGVsbCB0byBzaC9rc2ggb3IgdGhlaXIgZGVyaXZlZCBzaGVsbC4gKEkg aGF2ZSB0ZXN0ZWQsIGNzaCB3aWxsIG5vdCB0cmlnZ2VyIHRoYXQgYnVnKS4KClNlY29uZCwgYmFj a3VwIC9ldGMvcmMuY29uZiB0byBhbnkgb3RoZXIgcGxhY2UuCgpUaGVuIGRvIHRoZSBmb2xsb3dp bmcgY29tbWFuZHM6CgotLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0t LS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0KIyBzeXNyYyBzb21ldGhpbmdfZW5hYmxlPSJO TyIKIyBzeXNyYyBzb21ldGhpbmdfZW5hYmxlPSJZRVMKPiAiCmF3azogbmV3bGluZSBpbiBzdHJp bmcgWUVTCi4uLiBhdCBzb3VyY2UgbGluZSAxCnNvbWV0aGluZ19lbmFibGU6IE5PIC0+IFlFUwot LS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0t LS0tLS0tLS0tLS0tLS0KCk5vdyBzZWUgd2hhdCBpcyBpbnNpZGUgL2V0Yy9yYy5jb25mID8gRXZl cnl0aGluZyBpcyBlbXB0eSEgb25seSBvbmUgdGhpbmcgaW4gaXQ6CgotLS0tLS0tLS0tLS0tLS0t LS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0K c29tZXRoaW5nX2VuYWJsZT0iWUVTCiIKLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0t LS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tCgpTZW50IHdpdGggW1Byb3Rv bk1haWxdKGh0dHBzOi8vcHJvdG9ubWFpbC5jb20pIFNlY3VyZSBFbWFpbC4= From owner-freebsd-security@freebsd.org Sun May 30 13:39:22 2021 Return-Path: Delivered-To: freebsd-security@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 54A176558E6 for ; Sun, 30 May 2021 13:39:22 +0000 (UTC) (envelope-from jhellenthal@dataix.net) Received: from mail-io1-xd31.google.com (mail-io1-xd31.google.com [IPv6:2607:f8b0:4864:20::d31]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (2048 bits) client-digest SHA256) (Client CN "smtp.gmail.com", Issuer "GTS CA 1O1" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4FtKK46nZPz4lj4 for ; Sun, 30 May 2021 13:39:20 +0000 (UTC) (envelope-from jhellenthal@dataix.net) Received: by mail-io1-xd31.google.com with SMTP id k22so9231593ioa.9 for ; Sun, 30 May 2021 06:39:20 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:content-transfer-encoding:from:mime-version :subject:date:message-id:references:cc:in-reply-to:to; bh=bfNRD5AI1qfcGSrXLqIyxjC2o9Dl5x7HUL0GNJShUDI=; b=W94QaL8TSl2dnIk0tR7FJ1dXaD+HLgo3rqBOiymxVdKyfTbG675pOqAP59ycpnIFfI bIJ0hvrrnq95417riWGPjMePCKpS4ekVd1Scx7wWomnCutakqHcSNPz7iWYIr/g8Y3/j WkUMBF29lYRFCPEDhCReqt7qnccQDzCVuJ32gYOsuiAxdFAjqRVetzOU9tShnjpBOGGU oxk3hgozMwYoDk1/2PJkPe68oHvg8jWGcstfk4PmWftW3wvF7iDr0cfEu5Wzg+e7vVHv lI8B6Jg05YhraW1Lm5jj5uJhWx7J/y01FrTdZgoXB4nJdHCAQgUz3+LlYqNkRUyavmgO 0U3w== X-Gm-Message-State: AOAM533OI4OfojoUIXHC9vmeemVLKDd+5tiTvGqO8ijeQPwb/m/Bty8L 6xvw/N6HqEG4bokr6QYwizMDM31W/eOoYA== X-Google-Smtp-Source: ABdhPJwYZLj9BKdiSRWq7rNFcO4oU+eO3KimSlUTixOUFWg5T5BcIWNRz+BMcEfKq2GVxJT/Ov2lHw== X-Received: by 2002:a6b:8b48:: with SMTP id n69mr13573602iod.165.1622381959511; Sun, 30 May 2021 06:39:19 -0700 (PDT) Received: from smtpclient.apple (2603-6000-ca01-6f86-09fa-7c84-c275-9abf.res6.spectrum.com. [2603:6000:ca01:6f86:9fa:7c84:c275:9abf]) by smtp.gmail.com with ESMTPSA id r8sm6187207ile.25.2021.05.30.06.39.18 (version=TLS1_3 cipher=TLS_AES_128_GCM_SHA256 bits=128/128); Sun, 30 May 2021 06:39:18 -0700 (PDT) Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable From: "J. Hellenthal" Mime-Version: 1.0 (1.0) Subject: Re: sysrc bug Date: Sun, 30 May 2021 08:21:20 -0500 Message-Id: <9660FA98-3075-4047-B00F-F24F1656B778@dataix.net> References: Cc: freebsd-security@freebsd.org In-Reply-To: To: Fas Xmut X-Mailer: iPhone Mail (18F72) X-Rspamd-Queue-Id: 4FtKK46nZPz4lj4 X-Spamd-Bar: --- X-Spamd-Result: default: False [-3.50 / 15.00]; RCVD_VIA_SMTP_AUTH(0.00)[]; TO_DN_SOME(0.00)[]; MV_CASE(0.50)[]; R_SPF_ALLOW(-0.20)[+ip6:2607:f8b0:4000::/36]; RCVD_COUNT_THREE(0.00)[3]; DKIM_TRACE(0.00)[dataix.net:+]; RCPT_COUNT_TWO(0.00)[2]; DMARC_POLICY_ALLOW(-0.50)[dataix.net,reject]; NEURAL_HAM_SHORT(-1.00)[-1.000]; FREEMAIL_TO(0.00)[protonmail.com]; FROM_EQ_ENVFROM(0.00)[]; MIME_TRACE(0.00)[0:+]; RBL_DBL_DONT_QUERY_IPS(0.00)[2607:f8b0:4864:20::d31:from]; ASN(0.00)[asn:15169, ipnet:2607:f8b0::/32, country:US]; MID_RHS_MATCH_FROM(0.00)[]; ARC_NA(0.00)[]; NEURAL_HAM_MEDIUM(-1.00)[-1.000]; R_DKIM_ALLOW(-0.20)[dataix.net:s=net]; FROM_HAS_DN(0.00)[]; NEURAL_HAM_LONG(-1.00)[-1.000]; MIME_GOOD(-0.10)[text/plain]; PREVIOUSLY_DELIVERED(0.00)[freebsd-security@freebsd.org]; SPAMHAUS_ZRD(0.00)[2607:f8b0:4864:20::d31:from:127.0.2.255]; TO_MATCH_ENVRCPT_SOME(0.00)[]; RCVD_IN_DNSWL_NONE(0.00)[2607:f8b0:4864:20::d31:from]; RCVD_TLS_ALL(0.00)[]; MAILMAN_DEST(0.00)[freebsd-security] X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: "Security issues \[members-only posting\]" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 30 May 2021 13:39:22 -0000 Think this would be an extra security bug considering that gets wiped out th= en the system isn't going to come back online after a reboot =F0=9F=A4=AA Nice find !!! --=20 J. Hellenthal The fact that there's a highway to Hell but only a stairway to Heaven says a= lot about anticipated traffic volume. > On May 30, 2021, at 01:10, Fas Xmut via freebsd-security wrote: >=20 > =EF=BB=BFI don't know if it is a security bug or not. When I use sysrc tod= ay, the error operations emptied my /etc/rc.conf, that's a small disaster, b= ecause my /etc/rc.conf is updated day by day, but now, it is empty. >=20 > First, change your default root shell to sh/ksh or their derived shell. (I= have tested, csh will not trigger that bug). >=20 > Second, backup /etc/rc.conf to any other place. >=20 > Then do the following commands: >=20 > ------------------------------------------------------------------------ > # sysrc something_enable=3D"NO" > # sysrc something_enable=3D"YES >> " > awk: newline in string YES > ... at source line 1 > something_enable: NO -> YES > ------------------------------------------------------------------------ >=20 > Now see what is inside /etc/rc.conf ? Everything is empty! only one thing i= n it: >=20 > ------------------------------------------------------------------------ > something_enable=3D"YES > " > ------------------------------------------------------------------------ >=20 > Sent with [ProtonMail](https://protonmail.com) Secure Email. > _______________________________________________ > freebsd-security@freebsd.org mailing list > https://lists.freebsd.org/mailman/listinfo/freebsd-security > To unsubscribe, send any mail to "freebsd-security-unsubscribe@freebsd.org= " From owner-freebsd-security@freebsd.org Sun May 30 13:43:17 2021 Return-Path: Delivered-To: freebsd-security@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id C3761655CA2 for ; Sun, 30 May 2021 13:43:17 +0000 (UTC) (envelope-from eugen@grosbein.net) Received: from hz.grosbein.net (hz.grosbein.net [IPv6:2a01:4f8:c2c:26d8::2]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "hz.grosbein.net", Issuer "hz.grosbein.net" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 4FtKPc1GL8z4mRT for ; Sun, 30 May 2021 13:43:15 +0000 (UTC) (envelope-from eugen@grosbein.net) Received: from eg.sd.rdtc.ru (root@eg.sd.rdtc.ru [62.231.161.221] (may be forged)) by hz.grosbein.net (8.15.2/8.15.2) with ESMTPS id 14UDhAmm054555 (version=TLSv1.2 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Sun, 30 May 2021 13:43:11 GMT (envelope-from eugen@grosbein.net) X-Envelope-From: eugen@grosbein.net X-Envelope-To: fasxmut@protonmail.com Received: from [10.58.0.10] (dadvw [10.58.0.10]) by eg.sd.rdtc.ru (8.16.1/8.16.1) with ESMTPS id 14UDh7ES065452 (version=TLSv1.2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128 verify=NOT); Sun, 30 May 2021 20:43:07 +0700 (+07) (envelope-from eugen@grosbein.net) Subject: Re: sysrc (awk) bug To: Fas Xmut , "freebsd-security@freebsd.org" References: <0J-hkv9PO-ZfjHO2kiEVatVRNdz0xTZ8pDMOvPreE53RFRsgyWHnU0U1IPO-mxNmswiB5KyGgO067-gLMA0PfW4Py3bBYllvQCBMTc2T8QE=@protonmail.com> From: Eugene Grosbein Message-ID: Date: Sun, 30 May 2021 20:43:01 +0700 User-Agent: Mozilla/5.0 (Windows NT 6.3; WOW64; rv:45.0) Gecko/20100101 Thunderbird/45.8.0 MIME-Version: 1.0 In-Reply-To: <0J-hkv9PO-ZfjHO2kiEVatVRNdz0xTZ8pDMOvPreE53RFRsgyWHnU0U1IPO-mxNmswiB5KyGgO067-gLMA0PfW4Py3bBYllvQCBMTc2T8QE=@protonmail.com> Content-Type: text/plain; charset=windows-1252 Content-Transfer-Encoding: 7bit X-Spam-Status: No, score=1.6 required=5.0 tests=BAYES_00,LOCAL_FROM, NICE_REPLY_A,RDNS_NONE,SPF_HELO_NONE,SPF_PASS autolearn=no autolearn_force=no version=3.4.2 X-Spam-Report: * -2.3 BAYES_00 BODY: Bayes spam probability is 0 to 1% * [score: 0.0000] * -0.0 SPF_PASS SPF: sender matches SPF record * 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record * 2.6 LOCAL_FROM From my domains * 1.9 RDNS_NONE Delivered to internal network by a host with no rDNS * -0.6 NICE_REPLY_A Looks like a legit reply (A) X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on hz.grosbein.net X-Spam-Level: * X-Rspamd-Queue-Id: 4FtKPc1GL8z4mRT X-Spamd-Bar: / Authentication-Results: mx1.freebsd.org; dkim=none; dmarc=none; spf=fail (mx1.freebsd.org: domain of eugen@grosbein.net does not designate 2a01:4f8:c2c:26d8::2 as permitted sender) smtp.mailfrom=eugen@grosbein.net X-Spamd-Result: default: False [-0.10 / 15.00]; TO_DN_EQ_ADDR_SOME(0.00)[]; R_SPF_FAIL(1.00)[-all]; FREEFALL_USER(0.00)[eugen]; FROM_HAS_DN(0.00)[]; TO_DN_SOME(0.00)[]; ARC_NA(0.00)[]; MID_RHS_MATCH_FROM(0.00)[]; MIME_GOOD(-0.10)[text/plain]; DMARC_NA(0.00)[grosbein.net]; RBL_DBL_DONT_QUERY_IPS(0.00)[2a01:4f8:c2c:26d8::2:from]; NEURAL_SPAM_SHORT(1.00)[1.000]; SPAMHAUS_ZRD(0.00)[2a01:4f8:c2c:26d8::2:from:127.0.2.255]; RCVD_COUNT_THREE(0.00)[3]; TO_MATCH_ENVRCPT_SOME(0.00)[]; NEURAL_HAM_LONG(-1.00)[-1.000]; RCPT_COUNT_TWO(0.00)[2]; NEURAL_HAM_MEDIUM(-1.00)[-1.000]; FREEMAIL_TO(0.00)[protonmail.com,freebsd.org]; FROM_EQ_ENVFROM(0.00)[]; R_DKIM_NA(0.00)[]; MIME_TRACE(0.00)[0:+]; ASN(0.00)[asn:24940, ipnet:2a01:4f8::/32, country:DE]; RCVD_TLS_ALL(0.00)[]; MAILMAN_DEST(0.00)[freebsd-security] X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: "Security issues \[members-only posting\]" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 30 May 2021 13:43:17 -0000 30.05.2021 11:36, Fas Xmut via freebsd-security wrote: > I don't know if it is a security bug or not. When I use sysrc today, the error operations emptied my /etc/rc.conf, that's a small disaster, because my /etc/rc.conf is updated day by day, but now, it is empty. > > First, change your default root shell to sh/ksh or their derived shell. (I have tested, csh will not trigger that bug). > > Second, backup /etc/rc.conf to any other place. > > Then do the following commands: > > ------------------------------------------------------------------------ > # sysrc something_enable="NO" > # sysrc something_enable="YES >> " > awk: newline in string YES > ... at source line 1 > something_enable: NO -> YES > ------------------------------------------------------------------------ > > Now see what is inside /etc/rc.conf ? Everything is empty! only one thing in it: > > ------------------------------------------------------------------------ > something_enable="YES > " > ------------------------------------------------------------------------ What is your FreeBSD version? From owner-freebsd-security@freebsd.org Mon May 31 02:01:40 2021 Return-Path: Delivered-To: freebsd-security@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id BC30D63BFA6 for ; Mon, 31 May 2021 02:01:40 +0000 (UTC) (envelope-from fasxmut@protonmail.com) Received: from mail-40130.protonmail.ch (mail-40130.protonmail.ch [185.70.40.130]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "protonmail.com", Issuer "SwissSign Server Gold CA 2014 - G22" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4Ftdnb1pfJz4s0R for ; Mon, 31 May 2021 02:01:38 +0000 (UTC) (envelope-from fasxmut@protonmail.com) Date: Mon, 31 May 2021 02:01:22 +0000 To: Eugene Grosbein From: Fas Xmut Cc: "freebsd-security@freebsd.org" Reply-To: Fas Xmut Subject: Re: sysrc (awk) bug Message-ID: <6YNQ4285ppiZ6viy28yztJUyMh7Pk0ke-lH_kRqbuRw-I3viTyQAEZrQ13MTEwAUd5s8Qd7xXi2PDpObhUa5GUatzo8-UdfvczaWtPZ47jw=@protonmail.com> In-Reply-To: References: <0J-hkv9PO-ZfjHO2kiEVatVRNdz0xTZ8pDMOvPreE53RFRsgyWHnU0U1IPO-mxNmswiB5KyGgO067-gLMA0PfW4Py3bBYllvQCBMTc2T8QE=@protonmail.com> MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable X-Spam-Status: No, score=-1.2 required=10.0 tests=ALL_TRUSTED,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,FREEMAIL_FROM shortcircuit=no autolearn=disabled version=3.4.4 X-Spam-Checker-Version: SpamAssassin 3.4.4 (2020-01-24) on mailout.protonmail.ch X-Rspamd-Queue-Id: 4Ftdnb1pfJz4s0R X-Spamd-Bar: --- X-Spamd-Result: default: False [-4.00 / 15.00]; HAS_REPLYTO(0.00)[fasxmut@protonmail.com]; TO_DN_EQ_ADDR_SOME(0.00)[]; TO_DN_SOME(0.00)[]; FREEMAIL_FROM(0.00)[protonmail.com]; R_SPF_ALLOW(-0.20)[+ip4:185.70.40.0/24]; DKIM_TRACE(0.00)[protonmail.com:+]; RCPT_COUNT_TWO(0.00)[2]; DMARC_POLICY_ALLOW(-0.50)[protonmail.com,quarantine]; NEURAL_HAM_SHORT(-1.00)[-1.000]; RCVD_COUNT_ZERO(0.00)[0]; FROM_EQ_ENVFROM(0.00)[]; MIME_TRACE(0.00)[0:+]; RBL_DBL_DONT_QUERY_IPS(0.00)[185.70.40.130:from]; FREEMAIL_ENVFROM(0.00)[protonmail.com]; ASN(0.00)[asn:62371, ipnet:185.70.40.0/24, country:CH]; MID_RHS_MATCH_FROM(0.00)[]; ARC_NA(0.00)[]; NEURAL_HAM_MEDIUM(-1.00)[-1.000]; R_DKIM_ALLOW(-0.20)[protonmail.com:s=protonmail]; REPLYTO_EQ_FROM(0.00)[]; FROM_HAS_DN(0.00)[]; NEURAL_HAM_LONG(-1.00)[-1.000]; MIME_GOOD(-0.10)[text/plain]; FREEMAIL_REPLYTO(0.00)[protonmail.com]; SPAMHAUS_ZRD(0.00)[185.70.40.130:from:127.0.2.255]; TO_MATCH_ENVRCPT_SOME(0.00)[]; RCVD_IN_DNSWL_NONE(0.00)[185.70.40.130:from]; RWL_MAILSPIKE_POSSIBLE(0.00)[185.70.40.130:from]; MAILMAN_DEST(0.00)[freebsd-security] X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: "Security issues \[members-only posting\]" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 31 May 2021 02:01:40 -0000 13.0-Release Sent with ProtonMail Secure Email. =E2=80=90=E2=80=90=E2=80=90=E2=80=90=E2=80=90=E2=80=90=E2=80=90 Original Me= ssage =E2=80=90=E2=80=90=E2=80=90=E2=80=90=E2=80=90=E2=80=90=E2=80=90 On Sunday, May 30, 2021 1:43 PM, Eugene Grosbein wrote= : > 30.05.2021 11:36, Fas Xmut via freebsd-security wrote: > > > I don't know if it is a security bug or not. When I use sysrc today, th= e error operations emptied my /etc/rc.conf, that's a small disaster, becaus= e my /etc/rc.conf is updated day by day, but now, it is empty. > > First, change your default root shell to sh/ksh or their derived shell.= (I have tested, csh will not trigger that bug). > > Second, backup /etc/rc.conf to any other place. > > Then do the following commands: > > > > sysrc something_enable=3D"NO" > > > > =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D > > > > sysrc something_enable=3D"YES > > > > =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D > > > > > " > > > awk: newline in string YES > > > ... at source line 1 > > > something_enable: NO -> YES > > > > Now see what is inside /etc/rc.conf ? Everything is empty! only one thi= ng in it: > > > > something_enable=3D"YES > > " > > > > ------------------------ > > What is your FreeBSD version? From owner-freebsd-security@freebsd.org Sun May 30 06:22:54 2021 Return-Path: Delivered-To: freebsd-security@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id C790264F9E0 for ; Sun, 30 May 2021 06:22:54 +0000 (UTC) (envelope-from mario@supermoder.si) Received: from mail.supermoder.si (mail.supermoder.si [89.212.202.29]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 4Ft7dT5ptfz3nf6 for ; Sun, 30 May 2021 06:22:53 +0000 (UTC) (envelope-from mario@supermoder.si) Received: from hermes.benko.local (localhost [127.0.0.1]) by mail.supermoder.si (Postfix) with ESMTP id CF321125F0B; Sun, 30 May 2021 08:22:44 +0200 (CEST) X-Virus-Scanned: amavisd-new at supermoder.si Received: from mail.supermoder.si ([127.0.0.1]) by hermes.benko.local (hermes.benko.local [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id R61bcIJ5S67V; Sun, 30 May 2021 08:22:41 +0200 (CEST) Received: from hermes.benko.local (localhost [127.0.0.1]) by mail.supermoder.si (Postfix) with ESMTPSA id 792F4125F03; Sun, 30 May 2021 08:22:41 +0200 (CEST) From: mario@supermoder.si MIME-Version: 1.0 (1.0) Subject: Re: sysrc (awk) bug Date: Sun, 30 May 2021 08:22:40 +0200 Message-ID: References: <0J-hkv9PO-ZfjHO2kiEVatVRNdz0xTZ8pDMOvPreE53RFRsgyWHnU0U1IPO-mxNmswiB5KyGgO067-gLMA0PfW4Py3bBYllvQCBMTc2T8QE=@protonmail.com> Cc: freebsd-security@freebsd.org In-Reply-To: <0J-hkv9PO-ZfjHO2kiEVatVRNdz0xTZ8pDMOvPreE53RFRsgyWHnU0U1IPO-mxNmswiB5KyGgO067-gLMA0PfW4Py3bBYllvQCBMTc2T8QE=@protonmail.com> To: Fas Xmut User-Agent: Horde Application Framework 5 X-Rspamd-Queue-Id: 4Ft7dT5ptfz3nf6 X-Spamd-Bar: --- X-Spamd-Result: default: False [-3.90 / 15.00]; RCVD_VIA_SMTP_AUTH(0.00)[]; ARC_NA(0.00)[]; R_DKIM_ALLOW(-0.20)[supermoder.si:s=mykey]; NEURAL_HAM_MEDIUM(-1.00)[-1.000]; TO_DN_SOME(0.00)[]; R_SPF_ALLOW(-0.20)[+ip4:89.212.202.29]; NEURAL_HAM_LONG(-1.00)[-1.000]; MIME_GOOD(-0.10)[multipart/alternative,text/plain]; RBL_DBL_DONT_QUERY_IPS(0.00)[89.212.202.29:from]; SPAMHAUS_ZRD(0.00)[89.212.202.29:from:127.0.2.255]; RCVD_COUNT_THREE(0.00)[4]; TO_MATCH_ENVRCPT_SOME(0.00)[]; DKIM_TRACE(0.00)[supermoder.si:+]; MIME_BASE64_TEXT(0.10)[]; FROM_NO_DN(0.00)[]; NEURAL_HAM_SHORT(-1.00)[-1.000]; RCPT_COUNT_TWO(0.00)[2]; FREEMAIL_TO(0.00)[protonmail.com]; DMARC_POLICY_ALLOW(-0.50)[supermoder.si,quarantine]; FROM_EQ_ENVFROM(0.00)[]; MIME_TRACE(0.00)[0:+,1:+,2:~]; RCVD_TLS_LAST(0.00)[]; ASN(0.00)[asn:34779, ipnet:89.212.192.0/18, country:SI]; MID_RHS_MATCH_FROM(0.00)[]; MAILMAN_DEST(0.00)[freebsd-security] X-Mailman-Approved-At: Mon, 31 May 2021 08:20:08 +0000 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: base64 X-Content-Filtered-By: Mailman/MimeDel 2.1.34 X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: "Security issues \[members-only posting\]" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 30 May 2021 06:22:54 -0000 VG8gbXkga25vd2xlZGdlLCBpdCBpcyBub3QgcmVjb21tZW5kZWQgdG8gY2hhbmdlIGRlZmF1bHQg c2hlbGwuIEFzIGZvciByZXN0IEkgd2lsbCBsZWF2ZSB0byBvdGhlciBleHBlcnRzLiANCg0KaHR0 cHM6Ly9kb2NzLmZyZWVic2Qub3JnL2VuL2FydGljbGVzL2xpbnV4LXVzZXJzLyNzaGVsbHMNCg0K DQpSZWdhcmRzLA0KTWFyaW8NCg0KDQo+IE9uIDMwIE1heSAyMDIxLCBhdCAwNjozNiwgRmFzIFht dXQgdmlhIGZyZWVic2Qtc2VjdXJpdHkgPGZyZWVic2Qtc2VjdXJpdHlAZnJlZWJzZC5vcmc+IHdy b3RlOg0KPiANCj4g77u/SSBkb24ndCBrbm93IGlmIGl0IGlzIGEgc2VjdXJpdHkgYnVnIG9yIG5v dC4gV2hlbiBJIHVzZSBzeXNyYyB0b2RheSwgdGhlIGVycm9yIG9wZXJhdGlvbnMgZW1wdGllZCBt eSAvZXRjL3JjLmNvbmYsIHRoYXQncyBhIHNtYWxsIGRpc2FzdGVyLCBiZWNhdXNlIG15IC9ldGMv cmMuY29uZiBpcyB1cGRhdGVkIGRheSBieSBkYXksIGJ1dCBub3csIGl0IGlzIGVtcHR5Lg0KPiAN Cj4gRmlyc3QsIGNoYW5nZSB5b3VyIGRlZmF1bHQgcm9vdCBzaGVsbCB0byBzaC9rc2ggb3IgdGhl aXIgZGVyaXZlZCBzaGVsbC4gKEkgaGF2ZSB0ZXN0ZWQsIGNzaCB3aWxsIG5vdCB0cmlnZ2VyIHRo YXQgYnVnKS4NCj4gDQo+IFNlY29uZCwgYmFja3VwIC9ldGMvcmMuY29uZiB0byBhbnkgb3RoZXIg cGxhY2UuDQo+IA0KPiBUaGVuIGRvIHRoZSBmb2xsb3dpbmcgY29tbWFuZHM6DQo+IA0KPiAtLS0t LS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0t LS0tLS0tLS0tLS0NCj4gIyBzeXNyYyBzb21ldGhpbmdfZW5hYmxlPSJOTyINCj4gIyBzeXNyYyBz b21ldGhpbmdfZW5hYmxlPSJZRVMNCj4+ICINCj4gYXdrOiBuZXdsaW5lIGluIHN0cmluZyBZRVMN Cj4gLi4uIGF0IHNvdXJjZSBsaW5lIDENCj4gc29tZXRoaW5nX2VuYWJsZTogTk8gLT4gWUVTDQo+ IC0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0t LS0tLS0tLS0tLS0tLS0tLQ0KPiANCj4gTm93IHNlZSB3aGF0IGlzIGluc2lkZSAvZXRjL3JjLmNv bmYgPyBFdmVyeXRoaW5nIGlzIGVtcHR5ISBvbmx5IG9uZSB0aGluZyBpbiBpdDoNCj4gDQo+IC0t LS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0t LS0tLS0tLS0tLS0tLQ0KPiBzb21ldGhpbmdfZW5hYmxlPSJZRVMNCj4gIg0KPiAtLS0tLS0tLS0t LS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0t LS0tLS0NCj4gDQo+IFNlbnQgd2l0aCBbUHJvdG9uTWFpbF0oaHR0cHM6Ly9wcm90b25tYWlsLmNv bSkgU2VjdXJlIEVtYWlsLg0KPiBfX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19f X19fX19fX19fXw0KPiBmcmVlYnNkLXNlY3VyaXR5QGZyZWVic2Qub3JnIG1haWxpbmcgbGlzdA0K PiBodHRwczovL2xpc3RzLmZyZWVic2Qub3JnL21haWxtYW4vbGlzdGluZm8vZnJlZWJzZC1zZWN1 cml0eQ0KPiBUbyB1bnN1YnNjcmliZSwgc2VuZCBhbnkgbWFpbCB0byAiZnJlZWJzZC1zZWN1cml0 eS11bnN1YnNjcmliZUBmcmVlYnNkLm9yZyINCg== From owner-freebsd-security@freebsd.org Mon May 31 11:37:48 2021 Return-Path: Delivered-To: freebsd-security@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 31EF3645372 for ; Mon, 31 May 2021 11:37:48 +0000 (UTC) (envelope-from j.chen1070116@yahoo.com) Received: from sonic302-21.consmr.mail.ne1.yahoo.com (sonic302-21.consmr.mail.ne1.yahoo.com [66.163.186.147]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 4FttZL4kxMz4fQ2 for ; Mon, 31 May 2021 11:37:46 +0000 (UTC) (envelope-from j.chen1070116@yahoo.com) X-SONIC-DKIM-SIGN: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yahoo.com; s=s2048; t=1622461064; bh=eWoSZe6jyw5VRp+1xwjvga6xrfkx8QGpEg4TIAoqBUU=; h=X-Sonic-MF:Date:From:To:Subject:From:Subject; b=gcO9dCwNHGE2tVU7Jspy+nky9XqBE9Kn/8TBZsSNyxLk4yxeF7h/BnG5atZLigVASR/GBXBuUXzUWSYFY/WzyX6LmpnOA/l9/M0M35ByRQwd9HwaAMRG5IQ7ZS8+P82Jo331qBBPANhkbZifleaCxNls1pE23l6i+vZnX9H6Kuuwv/u4fJB5S0rxbl/LwBqdtRS0yMdIDadmie4bd29qrYTNtqEOLwUde+OqiGXKcDHLrLNmveuy2RhMf8O+nywgKPdHXZPjgXvIH2FgjUR1c+tKKV9evLp8uBTXQGz1KONFOT/T4cV5ydAIIIs4sgYGev2DgtM8T5hULv4U1vNklQ== X-YMail-OSG: ee.amMUVM1kHGSxKFIRSaI7U_d.glYak0B3PNevy9MIn7uh8S5ruL2.SyYkr8xB 8q34KYhIx.yU_xwqNb8BVIv8DP9u3u2bJt_dFnOd4lbVI5hC.0NXTX_8.1rijGP0v_3dvN.xUtO2 bn7X4PwCNwohbrzthN25.3HoBa4QoVfq_xPtdNzodosbUvgrguU46aV_P3X8dTTBS5fgA8749ojY XOb.AMlhnRwMQ3S888_eYtgH2ef0hjMEoOtQHixz5dAwq7podInl.HYpgvqu.hJqsC6kUs6hMe4i IFb0SkEm6NLElt_9kFPXGlJ5JEubT7XlwHHpTAtPyEEuR9t2IJDELB8no0UJkPCVf0XfQKXc3WOd yJGSjvefsCsrqVLXRLTx5apt3e7ejRcVzb5kEax64h7BHId7o7WZSDe_.SOPMQUsUSLyuLl0RYPV QfOex.876M4Du4wPOrJR1hrNaFkYHSu.z9YrjBFTYp308LNzjmJVcc1n8Q7YzJK4niVmNc7xvbSG 9tbUxI8eETKmZtWNnmAt8UjfA7sr5OeUqsGOHz0Ho6dYDBMtFWMriIP4rdYKoubP3ggN6W00SqNl b6rQiv.K2xu_3YhNg2dyvYr3JRhW7HU75zztrm4HwTcVeMYT9a246EQ8Y7UY9MiQ3bCXlQPX94H. pU09xlSN3c2BN7jI2Z3pGe.g7tJC1i3mTCR9voGeabVor3cj9455E4ZSAy7YaHwsFKr7iIIiKXXj E7693h19Om3zn2R8jXruW0XOX9HlVuuNMZw2on6Qz.2F_JIHvcDs5hKXTGQ70AcUPXGfOQpqHoQl z9Cv9UYu8LHHYq2WA2zzjO7nXXA2Y18EwTg6Knc6zbI4ZVabPcnwhLm70OwobvmGWW6OOHT5TlaR K_LlP4hpGbzf152lWTDMY4sHNKFcUFfdS2_Zm0Z096_bTOtabnGiYPC0HyprCQiQhA7pdWzvcBAA _2_llsSK76EndIoN00jWwm9HjMpbEHh6UyxEESTk.LqmR4UBUE4tWEdx8iXWz2hgtvKKYmAebpML JJxVokbVv6TfYHOOYbImDGCTECm7cpqAzj7.u2eenTIw86RHSlEtpxud2YrGiF1mHCYkqZsPAFJL 9i1L4z3zzxOBpRhziojuHYxvs.fMialgHs.KbkRwRqxExH9.DvsP6Kw9NZijQAFugiIx5iPonIqs 6JvEcMjSoHpmExYqPDE4f11TejYuOFGseRybO1ch76BY5_QgFGpwwCFV_4O7mydJzNT3pLKWQbO3 iT8aBc2tLub8OLP1KKdjXgG9krVt3a.Af3lz0QOn8P1skPM3dpHpsFfkMUPhv1opf6gohDsucULm TvsFjotggXL50rHezyN5MPjrtdHJf5GK4Z0hK7Xv_bmf_1BQequFRrbnO0JbYJ6ACUT9tEKpIFqr DxfcB.m77ekg8iSHcNu720Dx4Iahvh48Hm_aK2X89Vs6JfPYdmGfkwyfK8JBxQs83CB1u5ZmvLUP m.sSueJ8SGjcRwxK4DaLNJL51uHThLGvxQzqCm09rs5.m.Ye2AJzEsPsjO5FWzH8JM.7ZmqbWOM1 4D07gkWe0P5supWF2VixCJ4.ytRKIbjbEqMLrnp69mBFsNvORUXduWKzzG5Jrr1djigzxNNthG_v lX9UddLdsVgqYmrM9nqoxLTB9r8npf6nitLclj6T78P650joc8zMU4CTI6VLOoGbywr3d_IWOAXj OjhqPab.IzMjg6bLciM0aU3TVn6VmwtGUYV6yJw0J0Qq85Op2p1WdlppFlcHbReOgx4Z6e3DqTRU oDm9m9qqC4cZPdQwkoiHc4YuDbAY_7MPyZb_rH6L_rISk_k3FnRZx09tZWMFW0fcUHq6K0uRqAXA 1bOSbPF.RN6wB5v2wGUGq3HgW90XnfAAuXFZPYCrKRHQjzSZ94MlpNXQrVML5oStKQ_s65i_UUFf R.pHXboy2Mpbckd9ADQdShElxaevM4EUb2BHLbXqTQSHBKOZfALrzAULLuMF_hV2n.Kc5zWZCoHz bmfQMR9dP8acpVgZdUddNf7_qHAC_BIDelrmzyttVrt17nEsu6m0QmXc8mTdBJvxZzp3.zb9k.qh qiBDarH2DPzh2K0rJZLjPjZ4evkLAZse2wo.SiUeqCxZTcPdxoDMdeI3Pf56PU4GiFpusGQG8U5w 02tY6KDlNsS940rYyl5SkTcQwTr47VWDNOdhHvmfXk99xdqgM.HubeQxz9xw0Z6e93cH2Xycq8zZ _ghPL3wMifwCH65wcqgRYfIiahIEUT97w8vAnviH3yYOKNqgZhpZMiULocvFSsTrM.iiVRM9Nyh2 zOWMQPmEiO0d5SKPkrxIYJ4wDySZp3XdLUj0Ealgva83VDBHRWv9ZzswGVbDjzPq2FdWQSoCKBrz xLGfvKJqKU4FoZKeAzVU- X-Sonic-MF: Received: from sonic.gate.mail.ne1.yahoo.com by sonic302.consmr.mail.ne1.yahoo.com with HTTP; Mon, 31 May 2021 11:37:44 +0000 Date: Mon, 31 May 2021 11:37:24 +0000 (UTC) From: Jane Chen To: "freebsd-security@freebsd.org" Message-ID: <1307075529.1919818.1622461044660@mail.yahoo.com> Subject: =?UTF-8?B?6Iux5qC85ouJ5aeG6K+0?= MIME-Version: 1.0 References: <1307075529.1919818.1622461044660.ref@mail.yahoo.com> X-Mailer: WebService/1.1.18368 YMailNorrin X-Rspamd-Queue-Id: 4FttZL4kxMz4fQ2 X-Spamd-Bar: --- X-Spamd-Result: default: False [-3.78 / 15.00]; FREEMAIL_FROM(0.00)[yahoo.com]; R_SPF_ALLOW(-0.20)[+ptr:yahoo.com]; HAS_ATTACHMENT(0.00)[]; DKIM_TRACE(0.00)[yahoo.com:+]; MIME_BASE64_TEXT(0.10)[]; DMARC_POLICY_ALLOW(-0.50)[yahoo.com,reject]; NEURAL_HAM_SHORT(-0.88)[-0.875]; FROM_EQ_ENVFROM(0.00)[]; RCVD_TLS_LAST(0.00)[]; MIME_TRACE(0.00)[0:+,1:+,2:+,3:~,4:~]; FREEMAIL_ENVFROM(0.00)[yahoo.com]; ASN(0.00)[asn:36646, ipnet:66.163.184.0/21, country:US]; RBL_DBL_DONT_QUERY_IPS(0.00)[66.163.186.147:from]; DWL_DNSWL_NONE(0.00)[yahoo.com:dkim]; ARC_NA(0.00)[]; NEURAL_HAM_MEDIUM(-1.00)[-1.000]; R_DKIM_ALLOW(-0.20)[yahoo.com:s=s2048]; FROM_HAS_DN(0.00)[]; TO_MATCH_ENVRCPT_ALL(0.00)[]; NEURAL_HAM_LONG(-1.00)[-1.000]; MIME_GOOD(-0.10)[multipart/mixed,multipart/alternative,text/plain]; RCPT_COUNT_ONE(0.00)[1]; SPAMHAUS_ZRD(0.00)[66.163.186.147:from:127.0.2.255]; RCVD_IN_DNSWL_NONE(0.00)[66.163.186.147:from]; TO_DN_EQ_ADDR_ALL(0.00)[]; RWL_MAILSPIKE_POSSIBLE(0.00)[66.163.186.147:from]; RCVD_COUNT_TWO(0.00)[2]; MAILMAN_DEST(0.00)[freebsd-security] X-Mailman-Approved-At: Mon, 31 May 2021 15:50:51 +0000 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: base64 X-Content-Filtered-By: Mailman/MimeDel 2.1.34 X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: "Security issues \[members-only posting\]" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 31 May 2021 11:37:48 -0000 VHJ1dGggaW4g6ZmE4oaS5Lu244CC44CC44CCCjIwMjEtMDUtMzEKCuS4peWzu+WGrOWto+aatOmj jumbqui/nuaXpeadpeiireKYu+WHu+e+juWbve+8jOWvvOiHtOmBk+i3r+e7k+WGsOOAgeS6pOmA muWPl+mYu++8jOiHs+WwkTE15Lq65q275Lqh77yM6LaF6L+HMuS6v+S6uuWkhOS6juWkqeawlOeb uOWFs+eahOitpuaKpeS4i+OAguW+t+W3nuWPl+WIsOWGsuWHu+acgOS4pemHje+8jDQwMOS4h+aI t+WutuW6reWSjOS8geS4mumBreaWreeUteWGsuWHu+OAggoK4oCc6L+Z5piv5oiR5LuO5pyq6KeB 6L+H55qE5Zy65pmv44CC5aSn6YeP56C05Z2P44CC6L+Z5bCG5piv5LiA5Liq5ryr6ZW/55qE5oGi 5aSN6L+H56iL44CC4oCd5YyX5Y2h5bee5biD5Lym55Ge5YWL5Y6/77yIQnJ1bnN3aWNrIENvdW50 ee+8ieitpumVv+e6pue/sOKAp+iLseagvOaLieWnhu+8iEpvaG4gSW5ncmFt77yJ5Zyo5ZGo5LqM 5pep5Lqb5pe25YCZ5Y+s5byA55qE5paw6Ze75Y+R5biD5Lya5LiK6K+044CC6b6Z5Y236aOO5Zyo 5ZGo5LiA5Y2I5aSc5ZCO6KKt4pi75Ye75LqGR3Jpc3NldHRvd27plYfpmYTov5HlnLDljLrjgIIK Cu+8iOWkp+KWpOe6quKWqOWFg++8iQo= From owner-freebsd-security@freebsd.org Mon May 31 22:58:46 2021 Return-Path: Delivered-To: freebsd-security@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id BE9A163212C for ; Mon, 31 May 2021 22:58:46 +0000 (UTC) (envelope-from gordon@tetlows.org) Received: from mail-ua1-x92d.google.com (mail-ua1-x92d.google.com [IPv6:2607:f8b0:4864:20::92d]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (2048 bits) client-digest SHA256) (Client CN "smtp.gmail.com", Issuer "GTS CA 1O1" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4Fv9h53MhTz3N6n for ; Mon, 31 May 2021 22:58:45 +0000 (UTC) (envelope-from gordon@tetlows.org) Received: by mail-ua1-x92d.google.com with SMTP id c10so346374uan.6 for ; Mon, 31 May 2021 15:58:45 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=3XEUHXz+9629NRaARG0JrZv2TpKYhlgYc93mkMLjRSk=; b=JyuWtI+ZkCJ0qxymeKq7kyxkVyigK8lupfsPJedZ5/xnJLvTFluDUbUhqtapmMKqhH yjJhoHXrCfYOG90I1CU0QCMCFBJ3wZS/WqEYHvyh3rN6R6ZpElGtG9WWngGcnz09tT2o 0WB7TfcJ6lxdCywbWW2OKHoHkoGxOlWFl/nJzcC7VPbUIIBK9CPL7ff7fTzcXvJtOxoJ BkA6wMDE58vawTY3JIvwTxmj+Ad4mk+R9FCPpQSzeohYwmHLowbVY41M7xFuBGi1pfQh 9n5Er9Gkr9JMnoaRhhycIXHpwr1zO6FG34z5a3jJQ/j0Oc5br+ln2op8iwBxiCIyeqDf auMw== X-Gm-Message-State: AOAM531uXflnOpZX8cbKNz0L1vxfb9dn0faHwHwAJHKd0/8DUUX1n9uW 13x2Gp3d3ZFA2yb2+xwWAECOjYOiW0mNNkTr/epH X-Google-Smtp-Source: ABdhPJxDHXYP0DtNEbs0tdf26EIrfL2bmiZMqR+AYZEDUdqjVLKiIQxYP9opRhlla2aOlZUi5t5MbVQ0L77ZKc8TYs4= X-Received: by 2002:ab0:3418:: with SMTP id z24mr11724844uap.130.1622501924460; Mon, 31 May 2021 15:58:44 -0700 (PDT) MIME-Version: 1.0 References: In-Reply-To: From: Gordon Tetlow Date: Mon, 31 May 2021 15:58:33 -0700 Message-ID: Subject: Re: sysrc bug To: Fas Xmut Cc: "freebsd-security@freebsd.org" Content-Type: text/plain; charset="UTF-8" X-Rspamd-Queue-Id: 4Fv9h53MhTz3N6n X-Spamd-Bar: --- X-Spamd-Result: default: False [-3.93 / 15.00]; TO_DN_EQ_ADDR_SOME(0.00)[]; TO_DN_SOME(0.00)[]; R_SPF_ALLOW(-0.20)[+ip6:2607:f8b0:4000::/36]; DKIM_TRACE(0.00)[tetlows.org:+]; RCPT_COUNT_TWO(0.00)[2]; DMARC_POLICY_ALLOW(-0.50)[tetlows.org,quarantine]; NEURAL_HAM_SHORT(-0.93)[-0.935]; FREEMAIL_TO(0.00)[protonmail.com]; FROM_EQ_ENVFROM(0.00)[]; MIME_TRACE(0.00)[0:+]; RBL_DBL_DONT_QUERY_IPS(0.00)[2607:f8b0:4864:20::92d:from]; ASN(0.00)[asn:15169, ipnet:2607:f8b0::/32, country:US]; ARC_NA(0.00)[]; NEURAL_HAM_MEDIUM(-1.00)[-1.000]; R_DKIM_ALLOW(-0.20)[tetlows.org:s=google]; FREEFALL_USER(0.00)[gordon]; FROM_HAS_DN(0.00)[]; NEURAL_HAM_LONG(-1.00)[-1.000]; MIME_GOOD(-0.10)[text/plain]; PREVIOUSLY_DELIVERED(0.00)[freebsd-security@freebsd.org]; SPAMHAUS_ZRD(0.00)[2607:f8b0:4864:20::92d:from:127.0.2.255]; TO_MATCH_ENVRCPT_SOME(0.00)[]; RCVD_IN_DNSWL_NONE(0.00)[2607:f8b0:4864:20::92d:from]; RCVD_COUNT_TWO(0.00)[2]; RCVD_TLS_ALL(0.00)[]; MAILMAN_DEST(0.00)[freebsd-security] X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: "Security issues \[members-only posting\]" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 31 May 2021 22:58:46 -0000 This isn't a security bug as it requires root privilege to empty /etc/rc.conf. If you have root privilege, you can do that already. Also, changing the root shell is bad for many reasons and I'm not surprised that something doesn't work. That said, it certainly is less than desirable and should probably be more robust in case of this failure. I would recommend opening a bug for this and see if we can get someone to pick it up. Thanks for the report! Gordon Hat: security-officer On Sat, May 29, 2021 at 11:10 PM Fas Xmut via freebsd-security wrote: > > I don't know if it is a security bug or not. When I use sysrc today, the error operations emptied my /etc/rc.conf, that's a small disaster, because my /etc/rc.conf is updated day by day, but now, it is empty. > > First, change your default root shell to sh/ksh or their derived shell. (I have tested, csh will not trigger that bug). > > Second, backup /etc/rc.conf to any other place. > > Then do the following commands: > > ------------------------------------------------------------------------ > # sysrc something_enable="NO" > # sysrc something_enable="YES > > " > awk: newline in string YES > ... at source line 1 > something_enable: NO -> YES > ------------------------------------------------------------------------ > > Now see what is inside /etc/rc.conf ? Everything is empty! only one thing in it: > > ------------------------------------------------------------------------ > something_enable="YES > " > ------------------------------------------------------------------------ > > Sent with [ProtonMail](https://protonmail.com) Secure Email. > _______________________________________________ > freebsd-security@freebsd.org mailing list > https://lists.freebsd.org/mailman/listinfo/freebsd-security > To unsubscribe, send any mail to "freebsd-security-unsubscribe@freebsd.org" From owner-freebsd-security@freebsd.org Mon May 31 23:08:05 2021 Return-Path: Delivered-To: freebsd-security@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id A05CE6322F6 for ; Mon, 31 May 2021 23:08:05 +0000 (UTC) (envelope-from marquis@roble.com) Received: from mx5.roble.com (mx5.roble.com [209.237.23.5]) (using TLSv1.3 with cipher TLS_CHACHA20_POLY1305_SHA256 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA512 client-signature RSA-PSS (2048 bits) client-digest SHA256) (Client CN "mx5.roble.com", Issuer "mx5.roble.com" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 4Fv9tr4Sjjz3PMt for ; Mon, 31 May 2021 23:08:04 +0000 (UTC) (envelope-from marquis@roble.com) Received: from roble.com (roble.com [209.237.23.50]) by mx5.roble.com (Postfix) with ESMTP id D04CD73512; Mon, 31 May 2021 16:07:56 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=roble.com; s=rs060402; t=1622502477; bh=TYmjEUiLh3TJqx+YCxPk4t2Ek2LHkbtzLRFFiBTxutY=; h=Date:From:To:cc:Subject:In-Reply-To:References; b=mjH2FzIAAxmQ6UE7an8oxVI0wajxEQzRg2Y1PzCg3g4/AJoHLiflXoFOQ/mZMzjNK XHqDw0+AXtj8FlKWJN6EuG/ydJADqAIenEVbGKgUPHmhi6rCKiDGeJb64XKCwDTxb0 BD/+1xzRBsuwQu1ZbKSBAHKM5vMSrX9XukU8K5lM= Date: Mon, 31 May 2021 16:07:56 -0700 (PDT) From: Roger Marquis To: Gordon Tetlow cc: Fas Xmut , "freebsd-security@freebsd.org" Subject: Re: sysrc bug In-Reply-To: Message-ID: References: MIME-Version: 1.0 Content-Type: text/plain; charset=US-ASCII; format=flowed X-Rspamd-Queue-Id: 4Fv9tr4Sjjz3PMt X-Spamd-Bar: --- Authentication-Results: mx1.freebsd.org; dkim=pass header.d=roble.com header.s=rs060402 header.b=mjH2FzIA; dmarc=pass (policy=none) header.from=roble.com; spf=pass (mx1.freebsd.org: domain of marquis@roble.com designates 209.237.23.5 as permitted sender) smtp.mailfrom=marquis@roble.com X-Spamd-Result: default: False [-4.00 / 15.00]; TO_DN_EQ_ADDR_SOME(0.00)[]; ARC_NA(0.00)[]; R_DKIM_ALLOW(-0.20)[roble.com:s=rs060402]; NEURAL_HAM_MEDIUM(-1.00)[-1.000]; FROM_HAS_DN(0.00)[]; RCPT_COUNT_THREE(0.00)[3]; TO_DN_SOME(0.00)[]; R_SPF_ALLOW(-0.20)[+ip4:209.237.23.0/24]; MIME_GOOD(-0.10)[text/plain]; RBL_DBL_DONT_QUERY_IPS(0.00)[209.237.23.5:from]; SPAMHAUS_ZRD(0.00)[209.237.23.5:from:127.0.2.255]; TO_MATCH_ENVRCPT_SOME(0.00)[]; DKIM_TRACE(0.00)[roble.com:+]; DMARC_POLICY_ALLOW(-0.50)[roble.com,none]; NEURAL_HAM_SHORT(-1.00)[-1.000]; NEURAL_HAM_LONG(-1.00)[-1.000]; FROM_EQ_ENVFROM(0.00)[]; MIME_TRACE(0.00)[0:+]; RCVD_TLS_LAST(0.00)[]; ASN(0.00)[asn:17403, ipnet:209.237.0.0/18, country:US]; FREEMAIL_CC(0.00)[protonmail.com,freebsd.org]; MAILMAN_DEST(0.00)[freebsd-security]; RCVD_COUNT_TWO(0.00)[2] X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: "Security issues \[members-only posting\]" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 31 May 2021 23:08:05 -0000 > Also, changing the root shell is bad for many reasons and I'm not > surprised that something doesn't work. Surprised this old myth is still being repeated. Having used various root shells in FreeBSD and other Unux/Linux systems for decades I have to ask specifically what said reasons are, particularly considering /usr/sbin/sysrc starts with "#!/bin/sh" (as does and should every system shell script). Roger Marquis From owner-freebsd-security@freebsd.org Tue Jun 1 00:22:40 2021 Return-Path: Delivered-To: freebsd-security@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id E4B0863423B for ; Tue, 1 Jun 2021 00:22:40 +0000 (UTC) (envelope-from eugen@grosbein.net) Received: from hz.grosbein.net (hz.grosbein.net [IPv6:2a01:4f8:c2c:26d8::2]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "hz.grosbein.net", Issuer "hz.grosbein.net" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 4FvCXv4229z3hqH for ; Tue, 1 Jun 2021 00:22:39 +0000 (UTC) (envelope-from eugen@grosbein.net) Received: from eg.sd.rdtc.ru (root@[62.231.161.221]) by hz.grosbein.net (8.15.2/8.15.2) with ESMTPS id 1510MTh3081904 (version=TLSv1.2 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Tue, 1 Jun 2021 00:22:29 GMT (envelope-from eugen@grosbein.net) X-Envelope-From: eugen@grosbein.net X-Envelope-To: marquis@roble.com Received: from [10.58.0.10] (dadvw [10.58.0.10]) by eg.sd.rdtc.ru (8.16.1/8.16.1) with ESMTPS id 1510MOkK095387 (version=TLSv1.2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128 verify=NOT); Tue, 1 Jun 2021 07:22:24 +0700 (+07) (envelope-from eugen@grosbein.net) Subject: Re: sysrc bug To: Roger Marquis , Gordon Tetlow References: Cc: "freebsd-security@freebsd.org" From: Eugene Grosbein Message-ID: <8ca289b7-2196-f7db-1c7b-a5fcbc2c5cc9@grosbein.net> Date: Tue, 1 Jun 2021 07:22:17 +0700 User-Agent: Mozilla/5.0 (Windows NT 6.3; WOW64; rv:45.0) Gecko/20100101 Thunderbird/45.8.0 MIME-Version: 1.0 In-Reply-To: Content-Type: text/plain; charset=windows-1252 Content-Transfer-Encoding: 8bit X-Spam-Status: No, score=-0.3 required=5.0 tests=BAYES_00,LOCAL_FROM, NICE_REPLY_A,SPF_HELO_NONE,SPF_PASS autolearn=no autolearn_force=no version=3.4.2 X-Spam-Report: * -2.3 BAYES_00 BODY: Bayes spam probability is 0 to 1% * [score: 0.0000] * -0.0 SPF_PASS SPF: sender matches SPF record * 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record * 2.6 LOCAL_FROM From my domains * -0.6 NICE_REPLY_A Looks like a legit reply (A) X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on hz.grosbein.net X-Rspamd-Queue-Id: 4FvCXv4229z3hqH X-Spamd-Bar: -- Authentication-Results: mx1.freebsd.org; dkim=none; dmarc=none; spf=fail (mx1.freebsd.org: domain of eugen@grosbein.net does not designate 2a01:4f8:c2c:26d8::2 as permitted sender) smtp.mailfrom=eugen@grosbein.net X-Spamd-Result: default: False [-2.10 / 15.00]; TO_DN_EQ_ADDR_SOME(0.00)[]; R_SPF_FAIL(1.00)[-all]; FREEFALL_USER(0.00)[eugen]; FROM_HAS_DN(0.00)[]; RCPT_COUNT_THREE(0.00)[3]; TO_DN_SOME(0.00)[]; MID_RHS_MATCH_FROM(0.00)[]; MIME_GOOD(-0.10)[text/plain]; DMARC_NA(0.00)[grosbein.net]; ARC_NA(0.00)[]; SPAMHAUS_ZRD(0.00)[2a01:4f8:c2c:26d8::2:from:127.0.2.255]; RCVD_COUNT_THREE(0.00)[3]; TO_MATCH_ENVRCPT_SOME(0.00)[]; RBL_DBL_DONT_QUERY_IPS(0.00)[2a01:4f8:c2c:26d8::2:from]; NEURAL_HAM_LONG(-1.00)[-1.000]; NEURAL_HAM_SHORT(-1.00)[-1.000]; NEURAL_HAM_MEDIUM(-1.00)[-1.000]; FROM_EQ_ENVFROM(0.00)[]; R_DKIM_NA(0.00)[]; MIME_TRACE(0.00)[0:+]; ASN(0.00)[asn:24940, ipnet:2a01:4f8::/32, country:DE]; RCVD_TLS_ALL(0.00)[]; MAILMAN_DEST(0.00)[freebsd-security] X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: "Security issues \[members-only posting\]" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 01 Jun 2021 00:22:41 -0000 01.06.2021 6:07, Roger Marquis wrote: >> Also, changing the root shell is bad for many reasons and I'm not >> surprised that something doesn't work. > > Surprised this old myth is still being repeated. Having used various > root shells in FreeBSD and other Unux/Linux systems for decades I have to > ask specifically what said reasons are, particularly considering > /usr/sbin/sysrc starts with "#!/bin/sh" (as does and should every system > shell script). Original statement was: "one should not change root shell to something like /usr/local/bin/bash" and/or "one should not change root shell at all" (unless one knows what he does). There are multiple ways for unexperienced root to breaks things changing its shell: - vipw allows one to make a misprint typing shell path name rendering root without a shell (so "toor" user was born); - /usr/local/bin/bash or any other shell residing on file system not mounted in single user mode and/or requiring libraries residing on not inaccessible file system, including NFS-mounted; - some historic scripts making assumptions on root shell behaviour etc. So it is much safer to create distinct non-root user with desired shell and use "su -m" that raises privileges but keeps user environment intact (HOME, shell, other environment). From owner-freebsd-security@freebsd.org Tue Jun 1 03:54:40 2021 Return-Path: Delivered-To: freebsd-security@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 57A926386F1 for ; Tue, 1 Jun 2021 03:54:40 +0000 (UTC) (envelope-from gordon@tetlows.org) Received: from mail-pj1-x1036.google.com (mail-pj1-x1036.google.com [IPv6:2607:f8b0:4864:20::1036]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (2048 bits) client-digest SHA256) (Client CN "smtp.gmail.com", Issuer "GTS CA 1O1" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4FvJFW41Pyz4Whl for ; Tue, 1 Jun 2021 03:54:39 +0000 (UTC) (envelope-from gordon@tetlows.org) Received: by mail-pj1-x1036.google.com with SMTP id o17-20020a17090a9f91b029015cef5b3c50so640285pjp.4 for ; Mon, 31 May 2021 20:54:39 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:content-transfer-encoding:from:mime-version :subject:date:message-id:references:cc:in-reply-to:to; bh=HyqG6wo8sqVo6Se9QOTmWVFSQUUX6+4AXm0MdCc2MvE=; b=bDdX1IfpInIDwAcK9akFpF34fqyVCvRqNv+/03XpiNv92eTjcEbROzs0++G6Z/sSBM 6qcadzKBhz6ZU0QJlnxO1wY2qH6qIlCDFxGZregoVj0NWzzX6aXliv+IApa3vAt+Ew6N eaU8Gm5JLYpia++o4E3WKEME8hn94MIlZbV5SM22xYfDE+YXz5yhlgcsKigDP6yYM03W fot9v1XDI7NzfxZr9yqRTyROvm9DAxtZ2wLlYFmUOe7HMv8jnrXa/nkEizA3Amk4YNF1 W9zT54ZSsvXy8EeQffr8TysjGJeSHfQ5ztjf8ZLp4fFVjYalZ6wli95fWeGAAgWmAVr8 uWHA== X-Gm-Message-State: AOAM531RcBT3x+hkxpxEKWOtKVwY17XYCY3oimQfYUS4IPKwXH8kPw83 wjS+XIh4g+SJMht34H6k+cwNfj2bvKkR X-Google-Smtp-Source: ABdhPJxbnn1132avuaRRA05qnZMWHHr/cHaubqyvW0fhU0KYVXg8KDpJgewaqyrmfLytiKC/O32pBA== X-Received: by 2002:a17:902:d104:b029:105:fff1:74ad with SMTP id w4-20020a170902d104b0290105fff174admr5353681plw.69.1622519677654; Mon, 31 May 2021 20:54:37 -0700 (PDT) Received: from smtpclient.apple (2603-8001-5e40-d300-6439-803d-7312-571d.res6.spectrum.com. [2603:8001:5e40:d300:6439:803d:7312:571d]) by smtp.gmail.com with ESMTPSA id k7sm699422pjj.46.2021.05.31.20.54.37 (version=TLS1_3 cipher=TLS_AES_128_GCM_SHA256 bits=128/128); Mon, 31 May 2021 20:54:37 -0700 (PDT) Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable From: Gordon Tetlow Mime-Version: 1.0 (1.0) Subject: Re: sysrc bug Date: Mon, 31 May 2021 20:54:35 -0700 Message-Id: References: Cc: Fas Xmut , freebsd-security@freebsd.org In-Reply-To: To: Roger Marquis X-Mailer: iPhone Mail (18F72) X-Rspamd-Queue-Id: 4FvJFW41Pyz4Whl X-Spamd-Bar: --- X-Spamd-Result: default: False [-3.50 / 15.00]; RCVD_VIA_SMTP_AUTH(0.00)[]; TO_DN_SOME(0.00)[]; MV_CASE(0.50)[]; R_SPF_ALLOW(-0.20)[+ip6:2607:f8b0:4000::/36]; RCVD_COUNT_THREE(0.00)[3]; DKIM_TRACE(0.00)[tetlows.org:+]; DMARC_POLICY_ALLOW(-0.50)[tetlows.org,quarantine]; NEURAL_HAM_SHORT(-1.00)[-0.999]; FROM_EQ_ENVFROM(0.00)[]; MIME_TRACE(0.00)[0:+]; RBL_DBL_DONT_QUERY_IPS(0.00)[2607:f8b0:4864:20::1036:from]; ASN(0.00)[asn:15169, ipnet:2607:f8b0::/32, country:US]; MID_RHS_MATCH_FROM(0.00)[]; ARC_NA(0.00)[]; NEURAL_HAM_MEDIUM(-1.00)[-1.000]; R_DKIM_ALLOW(-0.20)[tetlows.org:s=google]; FREEFALL_USER(0.00)[gordon]; FROM_HAS_DN(0.00)[]; RCPT_COUNT_THREE(0.00)[3]; NEURAL_HAM_LONG(-1.00)[-1.000]; MIME_GOOD(-0.10)[text/plain]; PREVIOUSLY_DELIVERED(0.00)[freebsd-security@freebsd.org]; SPAMHAUS_ZRD(0.00)[2607:f8b0:4864:20::1036:from:127.0.2.255]; TO_MATCH_ENVRCPT_SOME(0.00)[]; RCVD_IN_DNSWL_NONE(0.00)[2607:f8b0:4864:20::1036:from]; FREEMAIL_CC(0.00)[protonmail.com,freebsd.org]; RCVD_TLS_ALL(0.00)[]; MAILMAN_DEST(0.00)[freebsd-security] X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: "Security issues \[members-only posting\]" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 01 Jun 2021 03:54:40 -0000 > On May 31, 2021, at 16:07, Roger Marquis wrote: >=20 > =EF=BB=BF >>=20 >> Also, changing the root shell is bad for many reasons and I'm not >> surprised that something doesn't work. >=20 > Surprised this old myth is still being repeated. Having used various > root shells in FreeBSD and other Unux/Linux systems for decades I have to > ask specifically what said reasons are, particularly considering > /usr/sbin/sysrc starts with "#!/bin/sh" (as does and should every system > shell script). It=E2=80=99s likely due to the quoting behavior of newlines passed as the ar= gument when he ran the script, which varies between shell implementations. A= s I said, I=E2=80=99m not surprised something broke because many utilities a= re not tested with different shell behaviors. I also believe if we have a reproducible test case, we should go ahead and f= ix it. Gordon= From owner-freebsd-security@freebsd.org Tue Jun 1 21:22:43 2021 Return-Path: Delivered-To: freebsd-security@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 9E62E6302FB for ; Tue, 1 Jun 2021 21:22:43 +0000 (UTC) (envelope-from qmi@foresthacker.hu) Received: from mona.foresthacker.hu (mona.foresthacker.hu [80.211.198.27]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 4FvlVp6BM5z4r9h for ; Tue, 1 Jun 2021 21:22:42 +0000 (UTC) (envelope-from qmi@foresthacker.hu) Received: from [192.168.0.10] (unknown [178.48.142.77]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by mona.foresthacker.hu (Postfix) with ESMTPSA id CE4E79B83 for ; Tue, 1 Jun 2021 23:22:33 +0200 (CEST) Subject: Re: sysrc bug To: freebsd-security@freebsd.org References: From: =?UTF-8?Q?Mikl=c3=b3s_Quartus?= Organization: Foresthacker Message-ID: <242de1fa-ccd5-c9d6-4b2e-330ac9dcc152@foresthacker.hu> Date: Tue, 1 Jun 2021 23:22:32 +0200 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:78.0) Gecko/20100101 Thunderbird/78.8.1 MIME-Version: 1.0 In-Reply-To: Content-Type: text/plain; charset=utf-8; format=flowed Content-Transfer-Encoding: 8bit Content-Language: en-GB X-Rspamd-Queue-Id: 4FvlVp6BM5z4r9h X-Spamd-Bar: -- X-Spamd-Result: default: False [-2.80 / 15.00]; MIME_TRACE(0.00)[0:+]; RCVD_VIA_SMTP_AUTH(0.00)[]; RCVD_TLS_ALL(0.00)[]; FROM_HAS_DN(0.00)[]; RBL_DBL_DONT_QUERY_IPS(0.00)[80.211.198.27:from]; TO_MATCH_ENVRCPT_ALL(0.00)[]; MID_RHS_MATCH_FROM(0.00)[]; MIME_GOOD(-0.10)[text/plain]; PREVIOUSLY_DELIVERED(0.00)[freebsd-security@freebsd.org]; TO_DN_NONE(0.00)[]; RCPT_COUNT_ONE(0.00)[1]; HAS_ORG_HEADER(0.00)[]; SPAMHAUS_ZRD(0.00)[80.211.198.27:from:127.0.2.255]; ARC_NA(0.00)[]; R_SPF_ALLOW(-0.20)[+mx]; NEURAL_HAM_LONG(-1.00)[-1.000]; DMARC_POLICY_ALLOW(-0.50)[foresthacker.hu,quarantine]; NEURAL_HAM_SHORT(-1.00)[-1.000]; NEURAL_HAM_MEDIUM(-1.00)[-1.000]; FROM_EQ_ENVFROM(0.00)[]; R_DKIM_NA(0.00)[]; R_MIXED_CHARSET(1.00)[subject]; RCVD_COUNT_TWO(0.00)[2]; ASN(0.00)[asn:24806, ipnet:80.211.192.0/19, country:CZ]; MAILMAN_DEST(0.00)[freebsd-security] X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: "Security issues \[members-only posting\]" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 01 Jun 2021 21:22:43 -0000 On 6/1/21 5:54 AM, Gordon Tetlow via freebsd-security wrote: > Surprised this old myth is still being repeated. Having used various >> root shells in FreeBSD and other Unux/Linux systems for decades I have to >> ask specifically what said reasons are, particularly considering >> /usr/sbin/sysrc starts with "#!/bin/sh" (as does and should every system >> shell script). > It’s likely due to the quoting behavior of newlines passed as the argument when he ran the script, which varies between shell implementations. As I said, I’m not surprised something broke because many utilities are not tested with different shell behaviors. > > I also believe if we have a reproducible test case, we should go ahead and fix it. > > Gordon I have Bash shell in my root terminal (did not change the default shell, just type 'bash -l' from the default csh) and I could not reproduce this error on 13.0-RELEASE . The rc.conf remains fine showing just the expected changes. -- Regards, Miklós GPG fingerprint: 3C4B 1364 A379 7366 7FED 260A 2208 F2CE 3FCE A0D3 From owner-freebsd-security@freebsd.org Tue Jun 1 22:52:35 2021 Return-Path: Delivered-To: freebsd-security@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id B4B4A633021 for ; Tue, 1 Jun 2021 22:52:35 +0000 (UTC) (envelope-from fasxmut@protonmail.com) Received: from mail4.protonmail.ch (mail4.protonmail.ch [185.70.40.27]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "protonmail.com", Issuer "SwissSign Server Gold CA 2014 - G22" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4FvnVT5fG0z50pW for ; Tue, 1 Jun 2021 22:52:33 +0000 (UTC) (envelope-from fasxmut@protonmail.com) Date: Tue, 01 Jun 2021 22:52:16 +0000 To: =?utf-8?Q?Mikl=C3=B3s_Quartus?= From: Fas Xmut Cc: "freebsd-security@freebsd.org" Reply-To: Fas Xmut Subject: Re: sysrc bug Message-ID: In-Reply-To: <242de1fa-ccd5-c9d6-4b2e-330ac9dcc152@foresthacker.hu> References: <242de1fa-ccd5-c9d6-4b2e-330ac9dcc152@foresthacker.hu> MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable X-Spam-Status: No, score=-1.2 required=10.0 tests=ALL_TRUSTED,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,FREEMAIL_FROM shortcircuit=no autolearn=disabled version=3.4.4 X-Spam-Checker-Version: SpamAssassin 3.4.4 (2020-01-24) on mailout.protonmail.ch X-Rspamd-Queue-Id: 4FvnVT5fG0z50pW X-Spamd-Bar: --- X-Spamd-Result: default: False [-4.00 / 15.00]; HAS_REPLYTO(0.00)[fasxmut@protonmail.com]; TO_DN_EQ_ADDR_SOME(0.00)[]; TO_DN_SOME(0.00)[]; FREEMAIL_FROM(0.00)[protonmail.com]; R_SPF_ALLOW(-0.20)[+ip4:185.70.40.0/24]; DKIM_TRACE(0.00)[protonmail.com:+]; RCPT_COUNT_TWO(0.00)[2]; DMARC_POLICY_ALLOW(-0.50)[protonmail.com,quarantine]; NEURAL_HAM_SHORT(-1.00)[-1.000]; RCVD_COUNT_ZERO(0.00)[0]; FROM_EQ_ENVFROM(0.00)[]; MIME_TRACE(0.00)[0:+]; RBL_DBL_DONT_QUERY_IPS(0.00)[185.70.40.27:from]; FREEMAIL_ENVFROM(0.00)[protonmail.com]; ASN(0.00)[asn:62371, ipnet:185.70.40.0/24, country:CH]; MID_RHS_MATCH_FROM(0.00)[]; ARC_NA(0.00)[]; NEURAL_HAM_MEDIUM(-1.00)[-1.000]; R_DKIM_ALLOW(-0.20)[protonmail.com:s=protonmail]; REPLYTO_EQ_FROM(0.00)[]; FROM_HAS_DN(0.00)[]; NEURAL_HAM_LONG(-1.00)[-1.000]; MIME_GOOD(-0.10)[text/plain]; FREEMAIL_REPLYTO(0.00)[protonmail.com]; SPAMHAUS_ZRD(0.00)[185.70.40.27:from:127.0.2.255]; TO_MATCH_ENVRCPT_SOME(0.00)[]; RWL_MAILSPIKE_POSSIBLE(0.00)[185.70.40.27:from]; MAILMAN_DEST(0.00)[freebsd-security] X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: "Security issues \[members-only posting\]" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 01 Jun 2021 22:52:35 -0000 =E2=80=90=E2=80=90=E2=80=90=E2=80=90=E2=80=90=E2=80=90=E2=80=90 Original Me= ssage =E2=80=90=E2=80=90=E2=80=90=E2=80=90=E2=80=90=E2=80=90=E2=80=90 On Tuesday, June 1, 2021 9:22 PM, Mikl=C3=B3s Quartus via freebsd-security = wrote: > On 6/1/21 5:54 AM, Gordon Tetlow via freebsd-security wrote: > > > Surprised this old myth is still being repeated. Having used various > > > > > root shells in FreeBSD and other Unux/Linux systems for decades I hav= e to > > > ask specifically what said reasons are, particularly considering > > > /usr/sbin/sysrc starts with "#!/bin/sh" (as does and should every sys= tem > > > shell script). > > > It=E2=80=99s likely due to the quoting behavior of newlines passed as= the argument when he ran the script, which varies between shell implementa= tions. As I said, I=E2=80=99m not surprised something broke because many ut= ilities are not tested with different shell behaviors. > > > > I also believe if we have a reproducible test case, we should go ahead = and fix it. > > Gordon > > I have Bash shell in my root terminal (did not change the default shell, > just type 'bash -l' from the default csh) and I could not reproduce this > error on 13.0-RELEASE . The rc.conf remains fine showing just the > expected changes. > > -------------------------------------------------------------------------= ---------------------------------------------------------------------------= ---------------------------------------------------------------------------= ------- > > Regards, > Mikl=C3=B3s > GPG fingerprint: 3C4B 1364 A379 7366 7FED 260A 2208 F2CE 3FCE A0D3 I think I didnt express clearly. You have to do two commands to reproduce i= t: First: sysrc something_enable=3D"NO" Then: sysrc something_enable=3D"YES " (Suppose you forget to type " at the end and just type enter, so I type " a= t the following line) ---