authorschwarze <schwarze@openbsd.org>2014-06-26 16:00:16 +0000
committerschwarze <schwarze@openbsd.org>2014-06-26 16:00:16 +0000
commitdcefff7d9751aa84390b5525e0b67836e1451ce8 (patch)
tree40869d20cc44dc1b6d8dbc81aa21c0d37761cb7f
parentsave errno in ERR_put_error(), so that SYSerr doesn't have any accidental (diff)
Do not redirect STDERR of the main security(8) script to /dev/null,
not even for calling three particular functions, as that carries a risk of hiding serious errors in the security(8) script itself: otto@ found and reported a bug (already fixed by now) where that hurt him. Instead, only do the redirection where it is really needed, that is, inside the forked csh(1) child process. The csh(1) "eval" builtin is required because the csh(1) "source" builtin apparently ignores redirections. No objections came up when showing this diff on tech@.
-rw-r--r--libexec/security/security10
1 files changed, 3 insertions, 7 deletions
diff --git a/libexec/security/security b/libexec/security/security
index 424371caba9..faa8e1cd681 100644
--- a/libexec/security/security
+++ b/libexec/security/security
@@ -1,6 +1,6 @@
#!/usr/bin/perl -T
-# $OpenBSD: security,v 1.29 2014/06/24 16:18:30 schwarze Exp $
+# $OpenBSD: security,v 1.30 2014/06/26 16:00:16 schwarze Exp $
#
# Copyright (c) 2011, 2012, 2014 Ingo Schwarze <schwarze@openbsd.org>
# Copyright (c) 2011 Andrew Fresh <andrew@afresh1.com>
@@ -230,7 +230,8 @@ sub check_csh {
$umaskset = 1 if check_umask $filename;
nag !(open my $fh, '-|', qw(/bin/csh -f -c),
- "source $filename; echo PATH=\$path"),
+ "eval 'source $filename' >& /dev/null; " .
+ "echo PATH=\$path"),
"cannot spawn /bin/csh: $!"
and next;
my @output = <$fh>;
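Review bot: `$filename` is interpolated into the csh command string inside single quotes at `"eval 'source $filename' >& /dev/null; "`, so a name containing `'` would end the quoting and csh would parse the remainder as commands. Where `$filename` comes from is outside the hunk; if it is always taken from a fixed list of startup files this is harmless, but that assumption deserves a comment or an explicit guard such as `next if $filename =~ /'/;` before the open. The reason for the `eval` wrapper is recorded only in the commit message, so I would also put `# csh "source" ignores redirections, hence the eval` above the call to keep it from being simplified away later. check_csh starts and ends outside the hunk.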
@@ -883,13 +884,8 @@ sub check_pkglist {
check_passwd;
backup_passwd;
check_group;
-
-open my $olderr, '>&', \*STDERR;
-open STDERR, '>', '/dev/null';
check_csh;
check_ksh(check_sh);
-open STDERR, '>&', $olderr;
-
$check_title = "Checking configuration files:";
check_mail_aliases;
check_hostname_if;