From owner-freebsd-security@freebsd.org  Mon May 31 02:01:40 2021
Return-Path: <owner-freebsd-security@freebsd.org>
Delivered-To: freebsd-security@mailman.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
 by mailman.nyi.freebsd.org (Postfix) with ESMTP id BC30D63BFA6
 for <freebsd-security@mailman.nyi.freebsd.org>;
 Mon, 31 May 2021 02:01:40 +0000 (UTC)
 (envelope-from fasxmut@protonmail.com)
Received: from mail-40130.protonmail.ch (mail-40130.protonmail.ch
 [185.70.40.130])
 (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
 client-signature RSA-PSS (4096 bits) client-digest SHA256)
 (Client CN "protonmail.com",
 Issuer "SwissSign Server Gold CA 2014 - G22" (verified OK))
 by mx1.freebsd.org (Postfix) with ESMTPS id 4Ftdnb1pfJz4s0R
 for <freebsd-security@freebsd.org>; Mon, 31 May 2021 02:01:38 +0000 (UTC)
 (envelope-from fasxmut@protonmail.com)
Date: Mon, 31 May 2021 02:01:22 +0000
To: Eugene Grosbein <eugen@grosbein.net>
From: Fas Xmut <fasxmut@protonmail.com>
Cc: "freebsd-security@freebsd.org" <freebsd-security@freebsd.org>
Reply-To: Fas Xmut <fasxmut@protonmail.com>
Subject: Re: sysrc (awk) bug
Message-ID: <6YNQ4285ppiZ6viy28yztJUyMh7Pk0ke-lH_kRqbuRw-I3viTyQAEZrQ13MTEwAUd5s8Qd7xXi2PDpObhUa5GUatzo8-UdfvczaWtPZ47jw=@protonmail.com>
In-Reply-To: <ae413c70-4fdc-f65c-1757-b1473c1a21b7@grosbein.net>
References: <0J-hkv9PO-ZfjHO2kiEVatVRNdz0xTZ8pDMOvPreE53RFRsgyWHnU0U1IPO-mxNmswiB5KyGgO067-gLMA0PfW4Py3bBYllvQCBMTc2T8QE=@protonmail.com>
 <ae413c70-4fdc-f65c-1757-b1473c1a21b7@grosbein.net>
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: quoted-printable
X-Spam-Status: No, score=-1.2 required=10.0 tests=ALL_TRUSTED,DKIM_SIGNED,
 DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,FREEMAIL_FROM shortcircuit=no
 autolearn=disabled version=3.4.4
X-Spam-Checker-Version: SpamAssassin 3.4.4 (2020-01-24) on
 mailout.protonmail.ch
X-Rspamd-Queue-Id: 4Ftdnb1pfJz4s0R
X-Spamd-Bar: ---
X-Spamd-Result: default: False [-4.00 / 15.00];
 HAS_REPLYTO(0.00)[fasxmut@protonmail.com];
 TO_DN_EQ_ADDR_SOME(0.00)[]; TO_DN_SOME(0.00)[];
 FREEMAIL_FROM(0.00)[protonmail.com];
 R_SPF_ALLOW(-0.20)[+ip4:185.70.40.0/24];
 DKIM_TRACE(0.00)[protonmail.com:+]; RCPT_COUNT_TWO(0.00)[2];
 DMARC_POLICY_ALLOW(-0.50)[protonmail.com,quarantine];
 NEURAL_HAM_SHORT(-1.00)[-1.000]; RCVD_COUNT_ZERO(0.00)[0];
 FROM_EQ_ENVFROM(0.00)[]; MIME_TRACE(0.00)[0:+];
 RBL_DBL_DONT_QUERY_IPS(0.00)[185.70.40.130:from];
 FREEMAIL_ENVFROM(0.00)[protonmail.com];
 ASN(0.00)[asn:62371, ipnet:185.70.40.0/24, country:CH];
 MID_RHS_MATCH_FROM(0.00)[]; ARC_NA(0.00)[];
 NEURAL_HAM_MEDIUM(-1.00)[-1.000];
 R_DKIM_ALLOW(-0.20)[protonmail.com:s=protonmail];
 REPLYTO_EQ_FROM(0.00)[]; FROM_HAS_DN(0.00)[];
 NEURAL_HAM_LONG(-1.00)[-1.000]; MIME_GOOD(-0.10)[text/plain];
 FREEMAIL_REPLYTO(0.00)[protonmail.com];
 SPAMHAUS_ZRD(0.00)[185.70.40.130:from:127.0.2.255];
 TO_MATCH_ENVRCPT_SOME(0.00)[];
 RCVD_IN_DNSWL_NONE(0.00)[185.70.40.130:from];
 RWL_MAILSPIKE_POSSIBLE(0.00)[185.70.40.130:from];
 MAILMAN_DEST(0.00)[freebsd-security]
X-BeenThere: freebsd-security@freebsd.org
X-Mailman-Version: 2.1.34
Precedence: list
List-Id: "Security issues \[members-only posting\]"
 <freebsd-security.freebsd.org>
List-Unsubscribe: <https://lists.freebsd.org/mailman/options/freebsd-security>, 
 <mailto:freebsd-security-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-security/>
List-Post: <mailto:freebsd-security@freebsd.org>
List-Help: <mailto:freebsd-security-request@freebsd.org?subject=help>
List-Subscribe: <https://lists.freebsd.org/mailman/listinfo/freebsd-security>, 
 <mailto:freebsd-security-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Mon, 31 May 2021 02:01:40 -0000

13.0-Release


Sent with ProtonMail Secure Email.

=E2=80=90=E2=80=90=E2=80=90=E2=80=90=E2=80=90=E2=80=90=E2=80=90 Original Me=
ssage =E2=80=90=E2=80=90=E2=80=90=E2=80=90=E2=80=90=E2=80=90=E2=80=90
On Sunday, May 30, 2021 1:43 PM, Eugene Grosbein <eugen@grosbein.net> wrote=
:

> 30.05.2021 11:36, Fas Xmut via freebsd-security wrote:
>
> > I don't know if it is a security bug or not. When I use sysrc today, th=
e error operations emptied my /etc/rc.conf, that's a small disaster, becaus=
e my /etc/rc.conf is updated day by day, but now, it is empty.
> > First, change your default root shell to sh/ksh or their derived shell.=
 (I have tested, csh will not trigger that bug).
> > Second, backup /etc/rc.conf to any other place.
> > Then do the following commands:
> >
> > sysrc something_enable=3D"NO"
> >
> > =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D
> >
> > sysrc something_enable=3D"YES
> >
> > =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D
> >
> > > "
> > > awk: newline in string YES
> > > ... at source line 1
> > > something_enable: NO -> YES
> >
> > Now see what is inside /etc/rc.conf ? Everything is empty! only one thi=
ng in it:
> >
> > something_enable=3D"YES
> > "
> >
> > ------------------------
>
> What is your FreeBSD version?