From owner-freebsd-security Thu Aug 10 12:16:51 2000 Delivered-To: freebsd-security@freebsd.org Received: from mail.gmx.net (pop.gmx.net [194.221.183.20]) by hub.freebsd.org (Postfix) with SMTP id 3D72537BA7F for ; Thu, 10 Aug 2000 12:16:45 -0700 (PDT) (envelope-from Gerhard.Sittig@gmx.net) Received: (qmail 3482 invoked by uid 0); 10 Aug 2000 19:16:31 -0000 Received: from p3ee21623.dip.t-dialin.net (HELO speedy.gsinet) (62.226.22.35) by mail.gmx.net with SMTP; 10 Aug 2000 19:16:31 -0000 Received: (from sittig@localhost) by speedy.gsinet (8.8.8/8.8.8) id TAA09127 for freebsd-security@FreeBSD.ORG; Thu, 10 Aug 2000 19:37:51 +0200 Date: Thu, 10 Aug 2000 19:37:51 +0200 From: Gerhard Sittig To: freebsd-security@FreeBSD.ORG Subject: Re: Unified diff format in output of /etc/security? Message-ID: <20000810193750.U261@speedy.gsinet> Mail-Followup-To: freebsd-security@FreeBSD.ORG References: <20000810091748.A7931@acc.umu.se> <66312.965898475@axl.ops.uunet.co.za> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii X-Mailer: Mutt 1.0i In-Reply-To: <66312.965898475@axl.ops.uunet.co.za>; from sheldonh@uunet.co.za on Thu, Aug 10, 2000 at 11:07:55AM +0200 Organization: System Defenestrators Inc. Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org On Thu, Aug 10, 2000 at 11:07 +0200, Sheldon Hearn wrote: > > On Thu, 10 Aug 2000 09:17:48 +0200, Markus Holmberg wrote: > > > Is there a reason to not have the diff output of > > /etc/security to be of unified format? > > Yes; the output of a diff on setuid executables is less > readable as a unified diff -- you get lots of meaningless lines > of output. Then what about a "diff -u $FILES | grep -v '^ '"? Or "diff -u $FILES | grep '^[+-@]'"? (I guess the first fits better) And what about "diff $DIFFOPT ..." with a setting at the script's beginning? This will make those admins happy who find ed(1) diffs "less readable". And it would make Markus' patch a one line change. And it still leaves room for "diff style categories" like suid/sgid files vs added users vs changed packet filter rules vs anything you can think of. Some of these will surely gain improvements in terms of readability this way. virtually yours 82D1 9B9C 01DC 4FB4 D7B4 61BE 3F49 4F77 72DE DA76 Gerhard Sittig true | mail -s "get gpg key" Gerhard.Sittig@gmx.net -- If you don't understand or are scared by any of the above ask your parents or an adult to help you. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message