diff options
| author | cjc <cjc@FreeBSD.org> | 2001-06-21 19:17:15 +0000 |
|---|---|---|
| committer | cjc <cjc@FreeBSD.org> | 2001-06-21 19:17:15 +0000 |
| commit | 8b883929b6ea42f3dbd25e13960b76987c16a962 (patch) | |
| tree | cf929503acbefa76554d8f2ad7b3fe40e1cd1e1b /etc/rc.atm | |
| parent | 260e54cab4f480e0b22f47857dae2820019f21c0 (diff) | |
| download | FreeBSD-src-8b883929b6ea42f3dbd25e13960b76987c16a962.zip FreeBSD-src-8b883929b6ea42f3dbd25e13960b76987c16a962.tar.gz | |
Fixing a bug reported on freebsd-security. It is possible for
non-printable characters to sneak into /var/log/messages (e.g.
someone aims a Solaris/Linux RCP exploit at your FreeBSD box and
you end up with his shellcode as part of a log entry). You might
get something like,
host.mydom.org login failures:
Binary file (standard input) matches
In the daily security script as a result. Allowing attackers to
mess with your security script's ability to accurately report
is a Bad Thing. Tell grep(1) to treat /var/log/messages like a
text file even if it has non-printable characters.
Submitted by: Tim Zingelman <zingelman@fnal.gov> on freebsd-security
Approved by: ru
MFC after: 1 week
Diffstat (limited to 'etc/rc.atm')
0 files changed, 0 insertions, 0 deletions
