https://bugzilla.novell.com/show_bug.cgi?id=735394

Summary: sysconfig: Improper quoting of variable (wireless AP related)
Classification: openSUSE
Product: openSUSE 12.1
Version: Final
Platform: Other
OS/Version: Other
Status: NEW
Severity: Normal
Priority: P5 - None
Component: Security
AssignedTo: security-team@suse.de
ReportedBy: jnelson-suse@jamponi.net
QAContact: qa@suse.de
Found By: ---
Blocker: ---

User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:8.0) Gecko/20100101 Firefox/8.0

In this context, the variable "CONFIG" comes from the *name* of the AP one might be associated with in a wireless environment (which can contain just about any old cruft.)

In my case, I connected to a network with a space in the name, and *happened* to be watching /var/log/messages and /var/log/NetworkManager. This is what I saw:

    Dec 7 09:41:23 some_laptop dbus-daemon[20761]: scripts/ifup-services: line 98: test: ./ifcfg-wlan0-Uphill: binary operator expected

Line 98-100 reads:

    test -f ./ifcfg-$CONFIG && . ./ifcfg-$CONFIG
    if [ -d "ifservices-$CONFIG" ] ; then
        cd ifservices-$CONFIG

The first and third lines make use of $CONFIG _unquoted_.

I can see this being a potential security issue. It's probably worth auditing the rest of the associated files for similar issues.

Reproducible: Always
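
The following is an added example, not part of the original report or of the sysconfig scripts: it reproduces the word splitting behind the logged "binary operator expected" error and shows the same expansions with double quotes. The name "wlan0-Uphill Net", the helper functions and the scratch directory are constructed for illustration.

```shell
#!/bin/sh
# Added example. The AP-derived name and the file names are constructed sample data.

count() { echo "$#"; }

# Number of arguments a command receives when $CONFIG is left unquoted,
# as on lines 98 and 100 of the script quoted in the report.
args_unquoted() { CONFIG=$1; count ifcfg-$CONFIG; }

# The same expansion inside double quotes: always exactly one argument.
args_quoted() { CONFIG=$1; count "ifcfg-$CONFIG"; }

# Run both forms of the line-98 test against a config file that does exist.
# The body is a subshell, so the caller's working directory is untouched.
demo() (
    dir=$(mktemp -d) || exit 1
    cd "$dir" || exit 1
    CONFIG='wlan0-Uphill Net'          # constructed name containing a space
    : > "./ifcfg-$CONFIG"
    # Unquoted: test receives "-f ./ifcfg-wlan0-Uphill Net" and reports an error,
    # so the existing file is never seen.
    if test -f ./ifcfg-$CONFIG 2>/dev/null; then u=ok; else u=fail; fi
    # Quoted: test receives a single file name and finds the file.
    if test -f "./ifcfg-$CONFIG"; then q=ok; else q=fail; fi
    cd / && rm -rf "$dir"
    echo "unquoted=$u quoted=$q"
)

echo "unquoted args: $(args_unquoted 'wlan0-Uphill Net')"
echo "quoted args:   $(args_quoted 'wlan0-Uphill Net')"
demo
```

For the audit the report suggests, the same check applies to every expansion of $CONFIG in the related scripts: each one should sit inside double quotes, including the argument to cd.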