author | Aaron Campbell <aaron@cvs.openbsd.org> | 2000-10-06 17:35:31 +0000 |
---|---|---|
committer | Aaron Campbell <aaron@cvs.openbsd.org> | 2000-10-06 17:35:31 +0000 |
commit | aa2b8dd3e8c65399b274d45da9b7bb0960ca58e2 | |
tree | abf7314454dbb80fb6187e9ad38fbac9f9354ff5 | |
parent | 97e98307ffc3f7ea7933b81620c0fa0898d7747b | |
When including the listing of a directory in root's security mail, pass the
-q flag to ls(1) so that non-printable characters will appear as '?'. This
prevents a malicious user from fooling the administrator into thinking the
contents of a file name are actually valid script output (note that you can
put newlines in file names); deraadt@ ok
-rw-r--r-- | etc/security | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/etc/security b/etc/security index 65ca81d5726..c02c13f7d65 100644 --- a/etc/security +++ b/etc/security @@ -1,6 +1,6 @@ #!/bin/sh - # -# $OpenBSD: security,v 1.38 2000/07/23 19:49:17 rohee Exp $ +# $OpenBSD: security,v 1.39 2000/10/06 17:35:30 aaron Exp $ # from: @(#)security 8.1 (Berkeley) 6/9/93 # @@ -18,7 +18,7 @@ OUTPUT=$DIR/_secure6 if ! mkdir $DIR ; then printf "tmp directory %s already exists, looks like:\n" $DIR - ls -alF $DIR + ls -alqF $DIR exit 1 fi |
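Review bot: in the second hunk (`@@ -18,7 +18,7 @@`), `$DIR` is still expanded unquoted in both the `printf "tmp directory %s already exists, looks like:\n" $DIR` line and the new `ls -alqF $DIR` line; write `"$DIR"` in both so the path is always passed as a single argument. The reason for `-q` is stated only in the commit message, so a one-line comment above the `ls` call, saying that file names in this listing are untrusted and may contain newlines or other non-printable characters, would keep the flag from being dropped in a later cleanup. This diff touches only this one `ls` call; any other place in the script that copies file names into root's mail lies outside the visible lines and is worth checking for the same treatment.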