improper parsing of umask in /etc/security

classic Classic list List threaded Threaded
1 message Options
Reply | Threaded
Open this post in threaded view
|

improper parsing of umask in /etc/security

Travis H.
This diff is relative to 3.8, sorry not 3.9 at the moment, but the
patch is trivial.

Problem is that it's not very discriminating about what is a umask
command, unlike the csh handling code.  It caught a comment and
created a false alarm on my system.  Here's the fix:

--- /usr/src/etc/security.orig  Mon Mar  7 20:47:28 2005
+++ /usr/src/etc/security       Sun May 28 07:06:14 2006
@@ -191,7 +191,7 @@
                if egrep umask $i > /dev/null ; then
                        umaskset=yes
                fi
-               egrep umask $i |
+               egrep
'[[:space:]]*umask[[:space:]]*[[:digit:]][[:digit:]]*' $i |
                awk '$2 % 100 < 20 \
                        { print "Root umask is group writable" } \
                     $2 % 10 < 2 \