>Number:         3691
>Category:       misc
>Synopsis:       /etc/security: comments are not ignored in /etc/exports
>Confidential:   no
>Severity:       non-critical
>Priority:       low
>Responsible:    misc-bug-people (Misc Bug People)
>State:          open
>Class:          sw-bug
>Submitter-Id:   net
>Arrival-Date:   Sat May 31 02:50:02 1997
>Last-Modified:
>Originator:     Jaromir Dolecek
>Organization:
	ICS MU, Brno, Czech Republic
>Release:        1.2E
>Environment:
	
System: NetBSD moria.ics.muni.cz 1.2E NetBSD 1.2E (f) #1: Thu May 29 21:58:50 MET DST 1997 dolecek@saruman.ics.muni.cz:/home/dolecek/tmp/f/src/sys/arch/i386/compile/f i386


>Description:
	/etc/exports is daily checked, if there are some globally exported
	filesystems. But it's done a way that comments (and blank lines)
	are not ignored as they should be by exports(5).
>How-To-Repeat:
	add some comment to /etc/exports and see that daily insecurity
	report says:
		File system # is globally exported, read-write.
>Fix:
*** security.orig	Sat May 31 10:20:48 1997
--- security	Sat May 31 10:28:59 1997
***************
*** 369,374 ****
--- 369,377 ----
  	if [ -f /etc/exports ]; then
  	    # File systems should not be globally exported.
  	    awk '{
+ 		#ignore comments and blank lines
+ 		if ($LINE ~ /^\#/ || $LINE ~ /^$/ ) next;
+ 
  		readonly = 0;
  		for (i = 2; i <= NF; ++i) {
  			if ($i ~ /-ro/)
>Audit-Trail:
>Unformatted: