Package: etckeeper Version: 0.48 Severity: normal
Running "etckeeper init" on a checkout of a git repository managed by etckeeper chokes on file names containing special characters: sascha.silbe@twin:/tmp/sascha_silbe/tmpbox.7kmjhKHhbT$ git clone flatty:git/etc-xo15-sascha Cloning into etc-xo15-sascha... remote: Counting objects: 4131, done. remote: Compressing objects: 100% (3107/3107), done. remote: Total 4131 (delta 1222), reused 2320 (delta 307) Receiving objects: 100% (4131/4131), 1.37 MiB | 669 KiB/s, done. Resolving deltas: 100% (1222/1222), done. sascha.silbe@twin:/tmp/sascha_silbe/tmpbox.7kmjhKHhbT$ cd etc-xo15-sascha/ sascha.silbe@twin:/tmp/sascha_silbe/tmpbox.7kmjhKHhbT/etc-xo15-sascha$ sudo etckeeper init -d . [: 1: ./NetworkManager/system-connections/AdHoc: unexpected operator [: 1: ./NetworkManager/system-connections/Auto: unexpected operator [: 1: ./NetworkManager/system-connections/Auto: unexpected operator [: 1: ./NetworkManager/system-connections/Auto: unexpected operator sascha.silbe@twin:/tmp/sascha_silbe/tmpbox.7kmjhKHhbT/etc-xo15-sascha$ sudo sh -x $(which etckeeper) init -d . [...] + /etc/etckeeper/init.d/10restore-metadata + /etc/etckeeper/init.d/20restore-etckeeper [: 1: ./NetworkManager/system-connections/AdHoc: unexpected operator [: 1: ./NetworkManager/system-connections/Auto: unexpected operator [: 1: ./NetworkManager/system-connections/Auto: unexpected operator [: 1: ./NetworkManager/system-connections/Auto: unexpected operator + /etc/etckeeper/init.d/40vcs-init + /etc/etckeeper/init.d/50vcs-ignore + /etc/etckeeper/init.d/50vcs-perm + /etc/etckeeper/init.d/50vcs-pre-commit-hook + /etc/etckeeper/init.d/60darcs-deleted-symlinks + /etc/etckeeper/init.d/70vcs-add sascha.silbe@twin:/tmp/sascha_silbe/tmpbox.7kmjhKHhbT/etc-xo15-sascha$ grep system-connections .etckeeper maybe chmod 600 './NetworkManager/system-connections/AdHoc for Sugar Ch1' maybe chmod 600 './NetworkManager/system-connections/Auto 802.1x' maybe chmod 600 './NetworkManager/system-connections/Auto FRITZ!Box Fon WLAN 7270' maybe chmod 600 './NetworkManager/system-connections/Auto Sinus W 500V' maybe chmod 600 './NetworkManager/system-connections/Caspar' maybe chmod 600 './NetworkManager/system-connections/DHCP' maybe chmod 600 './NetworkManager/system-connections/link-local' sascha.silbe@twin:/tmp/sascha_silbe/tmpbox.7kmjhKHhbT/etc-xo15-sascha$ Because the files in question were written by NetworkManager, there's a chance for privilege escalation. However it doesn't happen automatically in the default set-up ("etckeeper init" isn't usually run on an existing checkout) and only users that are allowed to configure NetworkManager system connections are able to exploit it, so I'll leave it up to you to decide on the severity and handling. -- System Information: Debian Release: 6.0 APT prefers squeeze-updates APT policy: (500, 'squeeze-updates'), (500, 'stable'), (1, 'experimental') Architecture: amd64 (x86_64) Kernel: Linux 2.6.32-5-amd64 (SMP w/2 CPU cores) Locale: LANG=en_US, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Versions of packages etckeeper depends on: ii debconf [debconf-2.0] 1.5.36.1 Debian configuration management sy ii git [git-core] 1:1.7.2.3-2.2 fast, scalable, distributed revisi ii mercurial 1.6.4-1 scalable distributed version contr Versions of packages etckeeper recommends: ii cron 3.0pl1-116 process scheduling daemon etckeeper suggests no packages. -- debconf information: etckeeper/commit_failed: etckeeper/purge: true -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org