Date: Sun, 30 May 2021 08:21:20 -0500 From: "J. Hellenthal" <jhellenthal@dataix.net> To: Fas Xmut <fasxmut@protonmail.com> Cc: freebsd-security@freebsd.org Subject: Re: sysrc bug Message-ID: <9660FA98-3075-4047-B00F-F24F1656B778@dataix.net> In-Reply-To: <p1XhdZERaUmjjEr3KeA4_0dCz0OkMIxIfT_4GfVD5KOMCfN-EjrgVNLr-s6eqVpthVvOIJmEdbi9e6gkjgWizVc_Z94TPdjs4eglvRNNP8g=@protonmail.com> References: <p1XhdZERaUmjjEr3KeA4_0dCz0OkMIxIfT_4GfVD5KOMCfN-EjrgVNLr-s6eqVpthVvOIJmEdbi9e6gkjgWizVc_Z94TPdjs4eglvRNNP8g=@protonmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
Think this would be an extra security bug considering that gets wiped out th= en the system isn't going to come back online after a reboot =F0=9F=A4=AA Nice find !!! --=20 J. Hellenthal The fact that there's a highway to Hell but only a stairway to Heaven says a= lot about anticipated traffic volume. > On May 30, 2021, at 01:10, Fas Xmut via freebsd-security <freebsd-security= @freebsd.org> wrote: >=20 > =EF=BB=BFI don't know if it is a security bug or not. When I use sysrc tod= ay, the error operations emptied my /etc/rc.conf, that's a small disaster, b= ecause my /etc/rc.conf is updated day by day, but now, it is empty. >=20 > First, change your default root shell to sh/ksh or their derived shell. (I= have tested, csh will not trigger that bug). >=20 > Second, backup /etc/rc.conf to any other place. >=20 > Then do the following commands: >=20 > ------------------------------------------------------------------------ > # sysrc something_enable=3D"NO" > # sysrc something_enable=3D"YES >> " > awk: newline in string YES > ... at source line 1 > something_enable: NO -> YES > ------------------------------------------------------------------------ >=20 > Now see what is inside /etc/rc.conf ? Everything is empty! only one thing i= n it: >=20 > ------------------------------------------------------------------------ > something_enable=3D"YES > " > ------------------------------------------------------------------------ >=20 > Sent with [ProtonMail](https://protonmail.com) Secure Email. > _______________________________________________ > freebsd-security@freebsd.org mailing list > https://lists.freebsd.org/mailman/listinfo/freebsd-security > To unsubscribe, send any mail to "freebsd-security-unsubscribe@freebsd.org= "
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?9660FA98-3075-4047-B00F-F24F1656B778>