Fixing a bug reported on freebsd-security. It is possible for

non-printable characters to sneak into /var/log/messages (e.g.
someone aims a Solaris/Linux RCP exploit at your FreeBSD box and
you end up with his shellcode as part of a log entry). You might
get something like,

  host.mydom.org login failures:
  Binary file (standard input) matches

In the daily security script as a result. Allowing attackers to
mess with your security script's ability to accurately report
is a Bad Thing. Tell grep(1) to treat /var/log/messages like a
text file even if it has non-printable characters.

Submitted by:	Tim Zingelman <zingelman@fnal.gov> on freebsd-security
Approved by:	ru
MFC after:	1 week

0 files changed, 0 insertions, 0 deletions