--- etc/periodic/security/100.chksetuid	(revision 318606)
+++ etc/periodic/security/100.chksetuid	(working copy)
@@ -45,7 +45,13 @@ 
 then
 	echo ""
 	echo 'Checking setuid files and devices:'
-	MP=`mount -t ufs,zfs | awk '$0 !~ /no(suid|exec)/ { print $3 }'`
+	IFS=$'\t\n'	# Don't split mount points with spaces
+	MP=`mount -t ufs,zfs | awk '
+		$0 !~ /no(suid|exec)/ {
+			sub(/^.* on \//, "/");
+			sub(/ \(.*\)/, "");
+			print $0
+		}'`
 	find -sx $MP /dev/null \( ! -fstype local \) -prune -o -type f \
 	    \( -perm -u+x -or -perm -g+x -or -perm -o+x \) \
 	    \( -perm -u+s -or -perm -g+s \) -exec ls -liTd \{\} \+ |
--- etc/periodic/security/110.neggrpperm	(revision 318606)
+++ etc/periodic/security/110.neggrpperm	(working copy)
@@ -43,7 +43,13 @@ 
 then
 	echo ""
 	echo 'Checking negative group permissions:'
-	MP=`mount -t ufs,zfs | awk '$0 !~ /no(suid|exec)/ { print $3 }'`
+	IFS=$'\t\n'	# Don't split mount points with spaces
+	MP=`mount -t ufs,zfs | awk '
+		$0 !~ /no(suid|exec)/ {
+			sub(/^.* on \//, "/");
+			sub(/ \(.*\)/, "");
+			print $0
+		}'`
 	n=$(find -sx $MP /dev/null \( ! -fstype local \) -prune -o -type f \
 	    \( \( ! -perm +010 -and -perm +001 \) -or \
 	    \( ! -perm +020 -and -perm +002 \) -or \
--- etc/periodic/security/security.functions	(revision 318606)
+++ etc/periodic/security/security.functions	(working copy)
@@ -48,6 +48,7 @@ 
 #   LABEL is the base name of the ${LOG}/${label}.{today,yesterday} files.
 
 check_diff() {
+  unset IFS
   rc=0
   if [ "$1" = "new_only" ]; then
     shift