Hi Marcus, MERIGHI Marcus wrote on Wed, Dec 29, 2010 at 07:43:08PM +0100:
> security(8) reports > ``/home/XXX/Daten/Edv/macs/macs-home/Library/Application'' > as ``Setuid additions:'' where the real file name is > ``/home/XXX/Daten/Edv/macs/macs-home/Library/Application Support/\ > ProxyOnOff/proxyOnOffTool'' > > I have found the source of the wrong file name report to be in line 437 > of /etc/security: > ``egrep -av '^[bc]' $LIST | join -o $FIELDS2 -110 -210 -v2 \ > /dev/null - > $TMP1'', > > with join having space (and tab) characters as field separators and thus > ignoring after first space characters found in field 10. Hmm, i consider that a bug in security(8). > No quick fix that comes to my mind, using -t to join(1) would help only > if the output of ls(1) in line 430 would be changed to not contain space > characters as output separators. That idea is not bad. Maybe, one could use sed(1) or awk(1) to translate the first ten spaces to null bytes before the join, then translate them back before output, if needed. Or something similar. I should probably have a closer look. > Is this known It was news to me, at least. > and if yes, would a patch to the man page be accepted? Fixing bugs is better than documenting them, in particular in security(8). > And no, I do not use space characters voluntarily in file names. > It is a back up of an osx system. You have mount(8)ed that file system -o nodev,noexec - right? In that case, there is no point in running the suid checks on it. Consider using SUIDSKIP as documented in security(8). Yours, Ingo
