Date: Thu, 31 Oct 1996 08:18:58 +0100 From: sthaug@nethelp.no To: freebsd-security@freebsd.org Subject: Re: /etc/security Message-ID: <1244.846746338@verdi.nethelp.no> In-Reply-To: Your message of "Thu, 31 Oct 1996 10:48:42 %2B1000 (EST)" References: <199610310048.KAA23155@s5.elec.uq.edu.au>
next in thread | previous in thread | raw e-mail | index | archive | help
> > I think, this is a nice feature > > (unless, of coarse, you have to be dealing with Windows.) > > It's nice to have an alert, that somebody created > > a file with the name which is most probably should not exist on > > a Unix box. > > UNIX does not care if they have spaces Agreed, it's perfectly legal. But it would be nice to be warned about files that contain '...', or *start* with a space, or a number of other tricks used by the Warez folks to hide their stuff. > > > The current version falls over when checking for suid / sgid files > > > when the file names contain spaces. These file names are generated > > > by win95 when your FreeBSD host runs as a samba server. > > > Any such suid files just get dropped by the find but give errors. > > The point is that you could have suid files that are not flagged as > such by this script because find drops them if you use the -X switch. It also doesn't handle file names with quotes particularly well. Here I've made a copy of my DOS partition, and I get: > checking setuid files and devices: > find: /doscopy/sb16/pro_org/i'vebeen.org: illegal path > find: /doscopy/sb16/pro_org/she'llbe.org: illegal path Steinar Haug, Nethelp consulting, sthaug@nethelp.no
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?1244.846746338>