From owner-freebsd-security Wed May 29 15:41:24 2002
Delivered-To: freebsd-security@freebsd.org
Received: from rwcrmhc52.attbi.com (rwcrmhc52.attbi.com [216.148.227.88]) by hub.freebsd.org (Postfix) with ESMTP id F257337B406; Wed, 29 May 2002 15:41:17 -0700 (PDT)
Received: from blossom.cjclark.org ([12.234.91.48]) by rwcrmhc52.attbi.com (InterMail vM.4.01.03.27 201-229-121-127-20010626) with ESMTP id <20020529224117.TIYR2751.rwcrmhc52.attbi.com@blossom.cjclark.org>; Wed, 29 May 2002 22:41:17 +0000
Received: (from cjc@localhost) by blossom.cjclark.org (8.11.6/8.11.6) id g4TMfDG13550; Wed, 29 May 2002 15:41:13 -0700 (PDT) (envelope-from crist.clark@attbi.com)
X-Authentication-Warning: blossom.cjclark.org: cjc set sender to crist.clark@attbi.com using -f
Date: Wed, 29 May 2002 15:41:13 -0700
From: "Crist J. Clark"
To: "Jacques A. Vidrine"
Cc: security@freebsd.org
Subject: Re: FreeBSD Security Advisory FreeBSD-SA-02:27.rc
Message-ID: <20020529154113.D12700@blossom.cjclark.org>
Reply-To: cjclark@alum.mit.edu
References: <200205291636.g4TGaZX40801@freefall.freebsd.org> <20020529133852.B12700@blossom.cjclark.org> <20020529210334.GA5544@madman.nectar.cc>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
User-Agent: Mutt/1.2.5i
In-Reply-To: <20020529210334.GA5544@madman.nectar.cc>; from nectar@freebsd.org on Wed, May 29, 2002 at 04:03:34PM -0500
X-URL: http://people.freebsd.org/~cjc/
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org

On Wed, May 29, 2002 at 04:03:34PM -0500, Jacques A. Vidrine wrote:
> On Wed, May 29, 2002 at 01:38:52PM -0700, Crist J. Clark wrote:
> > > /bin/sh -c 'echo -e "/.X11-unix/s/^/#/\nw\nq\n" | /bin/ed -s /etc/rc'
> >
> > Ick. How about,
> >
> > # /usr/bin/printf "/.X11-unix/s/^/#/\nw\nq\n" | /bin/ed -s /etc/rc
> >
> > Next time?
>
> *shrug* One could prescribe any number of alternatives to achieve the
> modification. I chose this way, because /bin/sh and /bin/ed are both
> statically linked and should always be available on all systems in
> single user mode. It seems unlikely that this will be an issue for
> anyone, but hey - you never know.

I guess I should have explained my concern more. I'm thinking some l33t
kid out there is going to look at that and say, "I can just do,

  # echo -e "/.X11-unix/s/^/#/\nw\nq\n" | /bin/ed -s /etc/rc

And not have to worry about all of that /bin/sh stuff at the front..."
and thus outsmart himself. He wouldn't realize you are counting on
features of the echo builtin in sh(1) and not /bin/echo or the csh(1)
echo builtin. The above commands don't work as desired for a
non-sh(1)-ish shell.

I'm curious to see how many posts to the list might appear as people do
just that.
-- 
Crist J. Clark                     |     cjclark@alum.mit.edu
                                   |     cjclark@jhu.edu
http://people.freebsd.org/~cjc/    |     cjc@freebsd.org
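The portable variant discussed in this thread, written out as an added example (not code from the advisory or from either poster): the ed(1) script is generated with printf(1), whose backslash handling is specified by POSIX, instead of `echo -e`, whose behaviour depends on which echo actually runs. It is applied to a constructed sample rc fragment rather than the real /etc/rc, and it assumes a fallback to sed(1) for systems where ed is not installed.

```shell
#!/bin/sh
# Constructed sample standing in for the /etc/rc fragment the advisory's
# workaround comments out (assumption: exactly one line mentions .X11-unix).
SAMPLE_RC='# sample rc fragment (constructed for this example)
rm -rf /tmp/.X11-unix
echo "rc done"'

# Emit the three-line ed script. printf interprets the \n escapes itself,
# so the result is identical under sh, csh, or any other calling shell;
# "echo -e" only works when the echo in use happens to support -e.
ed_script() {
    printf '/.X11-unix/s/^/#/\nw\nq\n'
}

# Comment out the .X11-unix line in FILE in place, using ed(1) as the
# advisory does. Falls back to sed(1) when ed is absent (assumption for
# minimal installs); -i.bak is accepted by both GNU and BSD sed.
comment_x11_line() {
    file=$1
    if command -v ed >/dev/null 2>&1; then
        ed_script | ed -s "$file"
    else
        sed -i.bak '/\.X11-unix/s/^/#/' "$file" && rm -f "$file.bak"
    fi
}

# Stand-alone demonstration: patch a temporary copy of the sample and show it.
demo() {
    tmp=$(mktemp) || return 1
    printf '%s\n' "$SAMPLE_RC" > "$tmp"
    comment_x11_line "$tmp"
    cat "$tmp"
    rm -f "$tmp"
}
```

Running `demo` prints the sample with the `rm -rf /tmp/.X11-unix` line prefixed by `#` and the other lines untouched.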