Date: Wed, 19 Sep 2018 21:37:53 +0000 From: bugzilla-noreply@freebsd.org To: ports-bugs@FreeBSD.org Subject: [Bug 231489] security/lockdown may result in unbootable system without user warning nor logging Message-ID: <bug-231489-7788-zUOoXVhhX3@https.bugs.freebsd.org/bugzilla/> In-Reply-To: <bug-231489-7788@https.bugs.freebsd.org/bugzilla/> References: <bug-231489-7788@https.bugs.freebsd.org/bugzilla/>
next in thread | previous in thread | raw e-mail | index | archive | help
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D231489 --- Comment #1 from J. B. <jbtakk@iherebuywisely.com> --- security/lockdown, if run without examining the port main binary, [a shell script] CLOSELY, alters key files, notably ttys login.conf fstab sshd_conf= ig ... without backup, nor warning, nor logging, nor asking first each step..= .=20 leaving at best restore from backup, and at an worst unrecoverable system,= the latter needing a [ new-install ] recovery medium and expertise, the former [ one has backup ] heavy expertise, and was crafted without mergemaster-alike warnings and backups, nor a man page etc, AFAIK. Also, its name invites PB= KAC actions, implying full vetting... --=20 You are receiving this mail because: You are the assignee for the bug.=
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?bug-231489-7788-zUOoXVhhX3>