Date: Wed, 7 Apr 1999 10:50:00 -0500 From: Dan Nelson <dnelson@emsphone.com> To: Dave Rossow <dave@dreksys.com> Cc: questions@FreeBSD.ORG Subject: Re: illegal paths Message-ID: <19990407105000.A80589@dan.emsphone.com> In-Reply-To: <002b01be810b$6447c100$05c809c0@versa>; from "Dave Rossow" on Wed Apr 7 08:29:13 GMT 1999 References: <002b01be810b$6447c100$05c809c0@versa>
next in thread | previous in thread | raw e-mail | index | archive | help
In the last episode (Apr 07), Dave Rossow said: > They show up in the daily security checks, as in the example below: > > checking setuid files and devices: > find: /usr/local/www/clients/pkg/3Com/DSG PR 89-0848-000 Shipment > Preparation.doc: illegal path > find: /usr/home/robert/public/Amber's School Stuff/wadr98e.pdf: illegal path You must be running a very old copy of FreeBSD then (like before 2.2.0 even). The security script was modified to use "find -print0" to silence these warnings in March 1997. > The files seem to be perfectly accessible, so are they really illegal? or > is the daily check in need of an update to be able to recognize these as > legitimate file paths? The warning is because a "find | xargs" combo will fail if any of the filenames have whitespace in them. The safe method is "find -print0 | xargs -0". If you can't upgrade the entire machine, update the etc/security file to a newer version. -Dan Nelson dnelson@emsphone.com To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?19990407105000.A80589>