thr3ads.net - freebsd security - security scripts diff [Feb 2010]

If this information is useful, please help other people find it:
Share via:

Dmitry Morozovsky

2010-Feb-01 00:28 UTC

security scripts diff

Dear colleagues,

looking at regular security mails I found that foloowing patch would greatly 
desreases amount of false positive reports; it's totally possible I'm
missing
some vital areas, but my current look at security scripts did not reveal any.

What do you think? Thank you in advance.

marck@woozle:/lh/src.current/etc/periodic/security> cvs -R diff
Index: security.functions
==================================================================RCS file:
/home/ncvs/src/etc/periodic/security/security.functions,v
retrieving revision 1.5
diff -u -r1.5 security.functions
--- security.functions  22 Aug 2005 09:33:36 -0000      1.5
+++ security.functions  1 Feb 2010 00:09:59 -0000
@@ -67,7 +67,7 @@
     [ $rc -lt 1 ] && rc=1
     echo ""
     echo "${msg}"
-    diff ${daily_status_security_diff_flags} ${LOG}/${label}.today \
+    diff -w ${daily_status_security_diff_flags} ${LOG}/${label}.today \
        ${tmpf} | eval "${filter}"
     mv ${LOG}/${label}.today ${LOG}/${label}.yesterday || rc=3
     mv ${tmpf} ${LOG}/${label}.today || rc=3


-- 
Sincerely,
D.Marck                                     [DM5020, MCK-RIPE, DM3-RIPN]
[ FreeBSD committer:                                 marck@FreeBSD.org ]
------------------------------------------------------------------------
*** Dmitry Morozovsky --- D.Marck --- Wild Woozle --- marck@rinet.ru ***
------------------------------------------------------------------------

David Wolfskill

2010-Feb-01 00:40 UTC

head link

security scripts diff

On Mon, Feb 01, 2010 at 03:13:39AM +0300, Dmitry Morozovsky
wrote:> Dear colleagues,
> 
> looking at regular security mails I found that foloowing patch would
greatly
> desreases amount of false positive reports; it's totally possible
I'm missing
> some vital areas, but my current look at security scripts did not reveal
any.
> 
> What do you think? Thank you in advance.
> ...
I think maybe -b ("Ignore changes in the amount of white space.")
might
be better than -w ("Ignore all white space."), as the presence or
absence of *some* white space can be a signifant difference (e.g., to a
non-FORTRAN IV parser).
                                                                                
Peace,                                                                          
david                                                                           
-- 
David H. Wolfskill				david@catwhisker.org
Depriving a girl or boy of an opportunity for education is evil.

See http://www.catwhisker.org/~david/publickey.gpg for my public key.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 195 bytes
Desc: not available
Url :
http://lists.freebsd.org/pipermail/freebsd-security/attachments/20100201/912b011b/attachment.pgp

freebsd security - Feb 2010 - security scripts diff

security scripts diff

security scripts diff