From owner-cvs-all Thu Jun 21 12:17:34 2001 Delivered-To: cvs-all@freebsd.org Received: from freefall.freebsd.org (freefall.freebsd.org [216.136.204.21]) by hub.freebsd.org (Postfix) with ESMTP id 7BE4F37B407; Thu, 21 Jun 2001 12:17:16 -0700 (PDT) (envelope-from cjc@FreeBSD.org) Received: (from cjc@localhost) by freefall.freebsd.org (8.11.3/8.11.3) id f5LJHGr79355; Thu, 21 Jun 2001 12:17:16 -0700 (PDT) (envelope-from cjc) Message-Id: <200106211917.f5LJHGr79355@freefall.freebsd.org> From: "Crist J. Clark" Date: Thu, 21 Jun 2001 12:17:16 -0700 (PDT) To: cvs-committers@FreeBSD.org, cvs-all@FreeBSD.org Subject: cvs commit: src/etc security X-FreeBSD-CVS-Branch: HEAD Sender: owner-cvs-all@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG cjc 2001/06/21 12:17:16 PDT Modified files: etc security Log: Fixing a bug reported on freebsd-security. It is possible for non-printable characters to sneak into /var/log/messages (e.g. someone aims a Solaris/Linux RCP exploit at your FreeBSD box and you end up with his shellcode as part of a log entry). You might get something like, host.mydom.org login failures: Binary file (standard input) matches In the daily security script as a result. Allowing attackers to mess with your security script's ability to accurately report is a Bad Thing. Tell grep(1) to treat /var/log/messages like a text file even if it has non-printable characters. Submitted by: Tim Zingelman on freebsd-security Approved by: ru MFC after: 1 week Revision Changes Path 1.54 +2 -2 src/etc/security To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe cvs-all" in the body of the message