Date: Sun, 30 May 2021 08:21:20 -0500 From: "J. Hellenthal" <jhellenthal@dataix.net> To: Fas Xmut <fasxmut@protonmail.com> Cc: freebsd-security@freebsd.org Subject: Re: sysrc bug Message-ID: <9660FA98-3075-4047-B00F-F24F1656B778@dataix.net> In-Reply-To: <p1XhdZERaUmjjEr3KeA4_0dCz0OkMIxIfT_4GfVD5KOMCfN-EjrgVNLr-s6eqVpthVvOIJmEdbi9e6gkjgWizVc_Z94TPdjs4eglvRNNP8g=@protonmail.com>
index | next in thread | previous in thread | raw e-mail
Think this would be an extra security bug considering that gets wiped out then the system isn't going to come back online after a reboot 🤪 Nice find !!! -- J. Hellenthal The fact that there's a highway to Hell but only a stairway to Heaven says a lot about anticipated traffic volume. > On May 30, 2021, at 01:10, Fas Xmut via freebsd-security <freebsd-security@freebsd.org> wrote: > > I don't know if it is a security bug or not. When I use sysrc today, the error operations emptied my /etc/rc.conf, that's a small disaster, because my /etc/rc.conf is updated day by day, but now, it is empty. > > First, change your default root shell to sh/ksh or their derived shell. (I have tested, csh will not trigger that bug). > > Second, backup /etc/rc.conf to any other place. > > Then do the following commands: > > ------------------------------------------------------------------------ > # sysrc something_enable="NO" > # sysrc something_enable="YES >> " > awk: newline in string YES > ... at source line 1 > something_enable: NO -> YES > ------------------------------------------------------------------------ > > Now see what is inside /etc/rc.conf ? Everything is empty! only one thing in it: > > ------------------------------------------------------------------------ > something_enable="YES > " > ------------------------------------------------------------------------ > > Sent with [ProtonMail](https://protonmail.com) Secure Email. > _______________________________________________ > freebsd-security@freebsd.org mailing list > https://lists.freebsd.org/mailman/listinfo/freebsd-security > To unsubscribe, send any mail to "freebsd-security-unsubscribe@freebsd.org"home | help
Want to link to this message? Use this
URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?9660FA98-3075-4047-B00F-F24F1656B778>