From owner-freebsd-questions Wed Apr 7 8:52: 8 1999 Delivered-To: freebsd-questions@freebsd.org Received: from dan.emsphone.com (dan.emsphone.com [199.67.51.101]) by hub.freebsd.org (Postfix) with ESMTP id 5D41814EFE for ; Wed, 7 Apr 1999 08:52:02 -0700 (PDT) (envelope-from dan@dan.emsphone.com) Received: (from dan@localhost) by dan.emsphone.com (8.9.2/8.9.2) id KAA81437; Wed, 7 Apr 1999 10:50:00 -0500 (CDT) (envelope-from dan) Date: Wed, 7 Apr 1999 10:50:00 -0500 From: Dan Nelson To: Dave Rossow Cc: questions@FreeBSD.ORG Subject: Re: illegal paths Message-ID: <19990407105000.A80589@dan.emsphone.com> References: <002b01be810b$6447c100$05c809c0@versa> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii X-Mailer: Mutt 0.95.3i In-Reply-To: <002b01be810b$6447c100$05c809c0@versa>; from "Dave Rossow" on Wed Apr 7 08:29:13 GMT 1999 X-OS: FreeBSD 3.1-STABLE Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG In the last episode (Apr 07), Dave Rossow said: > They show up in the daily security checks, as in the example below: > > checking setuid files and devices: > find: /usr/local/www/clients/pkg/3Com/DSG PR 89-0848-000 Shipment > Preparation.doc: illegal path > find: /usr/home/robert/public/Amber's School Stuff/wadr98e.pdf: illegal path You must be running a very old copy of FreeBSD then (like before 2.2.0 even). The security script was modified to use "find -print0" to silence these warnings in March 1997. > The files seem to be perfectly accessible, so are they really illegal? or > is the daily check in need of an update to be able to recognize these as > legitimate file paths? The warning is because a "find | xargs" combo will fail if any of the filenames have whitespace in them. The safe method is "find -print0 | xargs -0". If you can't upgrade the entire machine, update the etc/security file to a newer version. -Dan Nelson dnelson@emsphone.com To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message