author: Aaron Campbell <aaron@cvs.openbsd.org> 2000-10-06 17:35:31 +0000
committer: Aaron Campbell <aaron@cvs.openbsd.org> 2000-10-06 17:35:31 +0000
commit: aa2b8dd3e8c65399b274d45da9b7bb0960ca58e2
tree: abf7314454dbb80fb6187e9ad38fbac9f9354ff5
parent: 97e98307ffc3f7ea7933b81620c0fa0898d7747b
When including the listing of a directory in root's security mail, pass the
-q flag to ls(1) so that non-printable characters will appear as '?'. This prevents a malicious user from fooling the administrator into thinking the contents of a file name are actually valid script output (note that you can put newlines in file names); deraadt@ ok
-rw-r--r-- etc/security 4
1 files changed, 2 insertions, 2 deletions
diff --git a/etc/security b/etc/security
index 65ca81d5726..c02c13f7d65 100644
--- a/etc/security
+++ b/etc/security
@@ -1,6 +1,6 @@
#!/bin/sh -
#
-# $OpenBSD: security,v 1.38 2000/07/23 19:49:17 rohee Exp $
+# $OpenBSD: security,v 1.39 2000/10/06 17:35:30 aaron Exp $
# from: @(#)security 8.1 (Berkeley) 6/9/93
#
@@ -18,7 +18,7 @@ OUTPUT=$DIR/_secure6
if ! mkdir $DIR ; then
printf "tmp directory %s already exists, looks like:\n" $DIR
- ls -alF $DIR
+ ls -alqF $DIR
exit 1
fi
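Review bot: the `ls -alqF $DIR` line has no comment saying why `-q` is there, so a later cleanup could drop the flag without realising this listing ends up in root's security mail; a one-line comment above it recording that file names are untrusted here would prevent that. `$DIR` is also unquoted in the `mkdir`, `printf` and `ls` lines of this hunk; writing it as `"$DIR"` would keep it a single argument if the path ever contained whitespace or glob characters.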