Description
Mandatory info for bug reports:
FreeBSD version ( uname -a ): 14.0-RELEASE-p6
CBSD version ( cbsd version ): 14.2.1
Accidentally bumped into this, after updated to CBSD 14.2.1 from 14.1.x, and started to test intermediately testing it. However another host an older CBSD v14.0.8 gives the same/similar strange behavior:
[root@server ~]# cbsd -h
root@phoenix:/var/empty # id
uid=0(root) gid=0(wheel) groups=0(wheel),5(operator)
root@server:/var/empty # exit
[root@server ~]# cbsd -
root@server:/var/empty # ^D
[root@server ~]# cbsd -
root@server:/var/empty # ^D
[root@server ~]# cbsd --
root@server:/var/empty # ^D
[root@server ~]# cbsd -v
#
# .shrc - bourne shell startup file
#
# This file will be used if the shell is invoked for interactive use and
# the environment variable ENV is set to this file.
#
# see also sh(1), environ(7).
In short (wrong) parameters with a single hyphen drops into a different prompt same user, "-v" actually cat the user's ~/.shrc file. I guess either some new additions led into this behavior, or some type introduced somewhere in the scripts around cbsd. I can't run cbsd as non-root user, so it is possible no privilege escalation vulnerability connected to this bug.
Expected behavior: for wrong parameters cbsd should throw a short output to cli as a help, but not the whole "cbsd --help" output.