From owner-freebsd-bugs  Sun Oct 27 23:20:05 1996
Return-Path: owner-bugs
Received: (from root@localhost)
          by freefall.freebsd.org (8.7.5/8.7.3) id XAA07585
          for bugs-outgoing; Sun, 27 Oct 1996 23:20:05 -0800 (PST)
Received: (from gnats@localhost)
          by freefall.freebsd.org (8.7.5/8.7.3) id XAA07578;
          Sun, 27 Oct 1996 23:20:03 -0800 (PST)
Resent-Date: Sun, 27 Oct 1996 23:20:03 -0800 (PST)
Resent-Message-Id: <199610280720.XAA07578@freefall.freebsd.org>
Resent-From: gnats (GNATS Management)
Resent-To: freebsd-bugs
Resent-Reply-To: FreeBSD-gnats@freefall.FreeBSD.org, mi@aldan.ziplink.net
Received: from rtfm.ziplink.net ([199.232.255.52])
          by freefall.freebsd.org (8.7.5/8.7.3) with ESMTP id XAA06557
          for <FreeBSD-gnats-submit@freebsd.org>; Sun, 27 Oct 1996 23:13:09 -0800 (PST)
Received: (from root@localhost) by rtfm.ziplink.net (8.7.5/8.7.3) id CAA07105; Mon, 28 Oct 1996 02:10:33 -0500 (EST)
Message-Id: <199610280710.CAA07105@rtfm.ziplink.net>
Date: Mon, 28 Oct 1996 02:10:33 -0500 (EST)
From: mi@aldan.ziplink.net
Reply-To: mi@aldan.ziplink.net
To: FreeBSD-gnats-submit@freebsd.org
X-Send-Pr-Version: 3.2
Subject: misc/1910: filenames with unusual characters and /etc/security (or find(1))
Sender: owner-bugs@freebsd.org
X-Loop: FreeBSD.org
Precedence: bulk


>Number:         1910
>Category:       misc
>Synopsis:       filenames with unusual characters break /etc/security (or find(1))
>Confidential:   no
>Severity:       serious
>Priority:       medium
>Responsible:    freebsd-bugs
>State:          open
>Class:          sw-bug
>Submitter-Id:   current-users
>Arrival-Date:   Sun Oct 27 23:20:01 PST 1996
>Last-Modified:
>Originator:     Mikhail Teterin
>Organization:
>Release:        2.1.5-RELEASE
>Environment:


>Description:

	Date: Sat, 19 Oct 1996 02:00:11 -0400 (EDT)
	From: Charlie Root <root>
	Subject: aldan security check output

	checking setuid files and devices:
	find: /root/Mail/sent mail: illegal path
	find: /root/Mail/sent mail/1: illegal path
	find: /root/Mail/sent mail/.1.summary: illegal path
	find: /root/Mail/sent mail/2: illegal path
	find: /root/News/vulisa : illegal path

	checking for uids of 0:
	root 0
	toor 0

>How-To-Repeat:

	Make a file with <<space>> in in its name, and see what happens.

>Fix:
	
	Ignore this part of /etc/security output ;) The potential threat is,
	one of THIS files may, actually, be setuid... Closer examination,
	allows to think find(1) is broken on this:

	find -X /root -type f \( -perm -u+x -or -perm -g+x -or -perm \
		-o+x \) \( -perm -u+s -or -perm -g+s \)

	leads to:
		find: /root/Mail/sent mail: illegal path
		find: /root/Mail/sent mail/1: illegal path
		find: /root/Mail/sent mail/.1.summary: illegal path
		find: /root/Mail/sent mail/2: illegal path
		find: /root/News/vulisa : illegal path

	but I am not sure.
>Audit-Trail:
>Unformatted: