Bug 119464

Summary: [patch] [request] Add 'sorted' option to etc/periodic/security/security.functions
Product: Base System Reporter: Esa Karkkainen <ejk>
Component: confAssignee: freebsd-bugs (Nobody) <bugs>
Status: Open ---    
Severity: Affects Only Me CC: ejk
Priority: Normal    
Version: Unspecified   
Hardware: Any   
OS: Any   
Attachments:
Description Flags
file.diff none

Description Esa Karkkainen 2008-01-08 19:30:01 UTC
Add option to check_diff function which changes "setuid diffs" from

---8<---8<---8<---8<---8<---8<---8<---8<---8<---8<---8<---8<---8<---8<---8<---
Amnesiac setuid diffs:
--- /var/log/setuid.today       Mon May  8 03:01:22 2006
+++ /tmp/security.DSozUbFb      Tue Jun 13 03:01:22 2006
@@ -33,7 +33,7 @@
 612402 -r-sr-xr-x  2 root  wheel     5828 May  7 13:25:03 2006 /usr/bin/yppasswd
 141367 -r-sr-xr-x  1 root  wheel     3400 May  7 13:14:41 2006 /usr/libexec/pt_chown
 141330 -r-xr-sr-x  1 root  smmsp   582752 May  7 13:28:03 2006 /usr/libexec/sendmail/sendmail
-730599 -rwsr-xr-x  1 root  wheel   278660 Oct 28 18:09:06 2005 /usr/local/bin/screen
+730291 -rwsr-xr-x  1 root  wheel   285580 Jun 12 20:56:14 2006 /usr/local/bin/screen
 730672 ---s--x--x  2 root  wheel    89020 Jan 27 01:52:14 2006 /usr/local/bin/sudo
 730672 ---s--x--x  2 root  wheel    89020 Jan 27 01:52:14 2006 /usr/local/bin/sudoedit
 329886 -r-sr-sr-x  1 root  authpf   14724 May  7 13:26:08 2006 /usr/sbin/authpf
---8<---8<---8<---8<---8<---8<---8<---8<---8<---8<---8<---8<---8<---8<---8<---

to

---8<---8<---8<---8<---8<---8<---8<---8<---8<---8<---8<---8<---8<---8<---8<---
Amnesiac setuid diffs:
+++ /tmp/security.DSozUbFb      Tue Jun 13 03:01:22 2006
--- /var/log/setuid.today       Mon May  8 03:01:22 2006
+730291 -rwsr-xr-x  1 root  wheel   285580 Jun 12 20:56:14 2006 /usr/local/bin/screen
-730599 -rwsr-xr-x  1 root  wheel   278660 Oct 28 18:09:06 2005 /usr/local/bin/screen
---8<---8<---8<---8<---8<---8<---8<---8<---8<---8<---8<---8<---8<---8<---8<---

IMHO the latter output is easier to comprehend.

Patch does not change traditional FreeBSD behaviour (POLA).

Admin must add "sorted" as first argument to check_diff funtion call in
"/etc/periodic/security/100.chksetuid" file.

How-To-Repeat: N/A
Comment 1 Eitan Adler freebsd_committer freebsd_triage 2017-12-31 07:59:17 UTC
For bugs matching the following criteria:

Status: In Progress Changed: (is less than) 2014-06-01

Reset to default assignee and clear in-progress tags.

Mail being skipped