Date: Thu, 21 Jun 2001 12:17:16 -0700 (PDT)
From: "Crist J. Clark" <cjc@FreeBSD.org>
To: cvs-committers@FreeBSD.org, cvs-all@FreeBSD.org
Subject: cvs commit: src/etc security
Message-ID: <200106211917.f5LJHGr79355@freefall.freebsd.org>

cjc         2001/06/21 12:17:16 PDT

  Modified files:
    etc                  security
  Log:
  Fixing a bug reported on freebsd-security. It is possible for
  non-printable characters to sneak into /var/log/messages (e.g.
  someone aims a Solaris/Linux RCP exploit at your FreeBSD box and
  you end up with his shellcode as part of a log entry). You might
  get something like,

    host.mydom.org login failures:
    Binary file (standard input) matches

  In the daily security script as a result. Allowing attackers to
  mess with your security script's ability to accurately report is
  a Bad Thing.

  Tell grep(1) to treat /var/log/messages like a text file even if
  it has non-printable characters.

  Submitted by:   Tim Zingelman <zingelman@fnal.gov> on freebsd-security
  Approved by:    ru
  MFC after:      1 week

  Revision  Changes    Path
  1.54      +2 -2      src/etc/security

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe cvs-all" in the body of the message
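
The failure mode described in the log message, reproduced as an added example (not code from the commit or from src/etc/security). The log lines and the `login failure` pattern are constructed for illustration, `-a` is grep's option for treating binary input as text, and piping the result through `cat -v` is an extra step assumed here so the raw bytes are shown in printable form in the report.

```shell
#!/bin/sh
# Constructed sample log: the second entry carries non-printable bytes
# (including a NUL), as a logged exploit attempt might.
make_sample_log() {
    printf 'Jun 21 12:00:01 host login: 1 LOGIN FAILURE ON ttyv0\n'
    printf 'Jun 21 12:00:05 host rshd[123]: LOGIN FAILURE from \001\002\000\377 bad\n'
    printf 'Jun 21 12:00:09 host sshd[456]: Accepted login for alice\n'
}

# Before the fix: grep classifies the input as binary and reports only
# that it matched, so no individual log entry reaches the report.
report_default() {
    LC_ALL=C grep -i 'login failure' < "$1"
}

# After the fix: -a forces text mode, so every matching line is printed.
# cat -v (an addition in this example) renders control bytes visibly,
# e.g. NUL as ^@, instead of passing them through raw.
report_text() {
    LC_ALL=C grep -a -i 'login failure' < "$1" | cat -v
}

# Demonstration on the constructed log.
log=$(mktemp)
make_sample_log > "$log"
echo "--- default grep:"
report_default "$log"
echo "--- grep -a | cat -v:"
report_text "$log"
rm -f "$log"
```

Depending on the grep version, the "binary file matches" notice in the first case goes to standard output or standard error; in both cases the two real entries are missing from the output.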