Skip site navigation (1)Skip section navigation (2) 
Date:      Sun, 30 May 2021 08:21:20 -0500
From:      "J. Hellenthal" <jhellenthal@dataix.net>
To:        Fas Xmut <fasxmut@protonmail.com>
Cc:        freebsd-security@freebsd.org
Subject:   Re: sysrc bug
Message-ID:  <9660FA98-3075-4047-B00F-F24F1656B778@dataix.net>
In-Reply-To: <p1XhdZERaUmjjEr3KeA4_0dCz0OkMIxIfT_4GfVD5KOMCfN-EjrgVNLr-s6eqVpthVvOIJmEdbi9e6gkjgWizVc_Z94TPdjs4eglvRNNP8g=@protonmail.com>
References:  <p1XhdZERaUmjjEr3KeA4_0dCz0OkMIxIfT_4GfVD5KOMCfN-EjrgVNLr-s6eqVpthVvOIJmEdbi9e6gkjgWizVc_Z94TPdjs4eglvRNNP8g=@protonmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help 
Think this would be an extra security bug considering that gets wiped out th=
en the system isn't going to come back online after a reboot =F0=9F=A4=AA

Nice find !!!

--=20
 J. Hellenthal

The fact that there's a highway to Hell but only a stairway to Heaven says a=
 lot about anticipated traffic volume.

> On May 30, 2021, at 01:10, Fas Xmut via freebsd-security <freebsd-security=
@freebsd.org> wrote:
>=20
> =EF=BB=BFI don't know if it is a security bug or not. When I use sysrc tod=
ay, the error operations emptied my /etc/rc.conf, that's a small disaster, b=
ecause my /etc/rc.conf is updated day by day, but now, it is empty.
>=20
> First, change your default root shell to sh/ksh or their derived shell. (I=
 have tested, csh will not trigger that bug).
>=20
> Second, backup /etc/rc.conf to any other place.
>=20
> Then do the following commands:
>=20
> ------------------------------------------------------------------------
> # sysrc something_enable=3D"NO"
> # sysrc something_enable=3D"YES
>> "
> awk: newline in string YES
> ... at source line 1
> something_enable: NO -> YES
> ------------------------------------------------------------------------
>=20
> Now see what is inside /etc/rc.conf ? Everything is empty! only one thing i=
n it:
>=20
> ------------------------------------------------------------------------
> something_enable=3D"YES
> "
> ------------------------------------------------------------------------
>=20
> Sent with [ProtonMail](https://protonmail.com) Secure Email.
> _______________________________________________
> freebsd-security@freebsd.org mailing list
> https://lists.freebsd.org/mailman/listinfo/freebsd-security
> To unsubscribe, send any mail to "freebsd-security-unsubscribe@freebsd.org=
"

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?9660FA98-3075-4047-B00F-F24F1656B778>