I don't know if it is a security bug or not. When I use sysrc today, the error operations emptied my /etc/rc.conf, that's a small disaster, because my /etc/rc.conf is updated day by day, but now, it is empty. First, change your default root shell to sh/ksh or their derived shell. (I have tested, csh will not trigger that bug). Second, backup /etc/rc.conf to any other place. Then do the following commands: ------------------------------------------------------------------------ # sysrc something_enable="NO" # sysrc something_enable="YES> "awk: newline in string YES ... at source line 1 something_enable: NO -> YES ------------------------------------------------------------------------ Now see what is inside /etc/rc.conf ? Everything is empty! only one thing in it: ------------------------------------------------------------------------ something_enable="YES " ------------------------------------------------------------------------ Sent with [ProtonMail](https://protonmail.com) Secure Email.
Think this would be an extra security bug considering that gets wiped out then the system isn't going to come back online after a reboot ? Nice find !!! -- J. Hellenthal The fact that there's a highway to Hell but only a stairway to Heaven says a lot about anticipated traffic volume.> On May 30, 2021, at 01:10, Fas Xmut via freebsd-security <freebsd-security at freebsd.org> wrote: > > ?I don't know if it is a security bug or not. When I use sysrc today, the error operations emptied my /etc/rc.conf, that's a small disaster, because my /etc/rc.conf is updated day by day, but now, it is empty. > > First, change your default root shell to sh/ksh or their derived shell. (I have tested, csh will not trigger that bug). > > Second, backup /etc/rc.conf to any other place. > > Then do the following commands: > > ------------------------------------------------------------------------ > # sysrc something_enable="NO" > # sysrc something_enable="YES >> " > awk: newline in string YES > ... at source line 1 > something_enable: NO -> YES > ------------------------------------------------------------------------ > > Now see what is inside /etc/rc.conf ? Everything is empty! only one thing in it: > > ------------------------------------------------------------------------ > something_enable="YES > " > ------------------------------------------------------------------------ > > Sent with [ProtonMail](https://protonmail.com) Secure Email. > _______________________________________________ > freebsd-security at freebsd.org mailing list > https://lists.freebsd.org/mailman/listinfo/freebsd-security > To unsubscribe, send any mail to "freebsd-security-unsubscribe at freebsd.org"
This isn't a security bug as it requires root privilege to empty /etc/rc.conf. If you have root privilege, you can do that already. Also, changing the root shell is bad for many reasons and I'm not surprised that something doesn't work. That said, it certainly is less than desirable and should probably be more robust in case of this failure. I would recommend opening a bug for this and see if we can get someone to pick it up. Thanks for the report! Gordon Hat: security-officer On Sat, May 29, 2021 at 11:10 PM Fas Xmut via freebsd-security <freebsd-security at freebsd.org> wrote:> > I don't know if it is a security bug or not. When I use sysrc today, the error operations emptied my /etc/rc.conf, that's a small disaster, because my /etc/rc.conf is updated day by day, but now, it is empty. > > First, change your default root shell to sh/ksh or their derived shell. (I have tested, csh will not trigger that bug). > > Second, backup /etc/rc.conf to any other place. > > Then do the following commands: > > ------------------------------------------------------------------------ > # sysrc something_enable="NO" > # sysrc something_enable="YES > > " > awk: newline in string YES > ... at source line 1 > something_enable: NO -> YES > ------------------------------------------------------------------------ > > Now see what is inside /etc/rc.conf ? Everything is empty! only one thing in it: > > ------------------------------------------------------------------------ > something_enable="YES > " > ------------------------------------------------------------------------ > > Sent with [ProtonMail](https://protonmail.com) Secure Email. > _______________________________________________ > freebsd-security at freebsd.org mailing list > https://lists.freebsd.org/mailman/listinfo/freebsd-security > To unsubscribe, send any mail to "freebsd-security-unsubscribe at freebsd.org"