Bug#374525: [Pkg-shadow-devel] Bug#374525: Bug#366546: Mail
delivery failed: returning message to sender
Tomasz Kłoczko
kloczek at zie.pg.gda.pl
Thu Jul 6 16:22:43 UTC 2006
On Wed, 5 Jul 2006, Colin Percival wrote:
> Christian Perrier wrote:
> > As a first reaction and as one of the shadow maintainer, I'm now
> > inclined to agree with the choice of the FreeBSD team here.
> >
> > The rationale is clear...
> >
> > I'd like to hear the one from OpenBSD to put nologin in /sbin
> > though.. they might have a different definition of what goes in /sbin
>
> FWIW, nologin was in /sbin in BSD 4.4; this is almost certainly why
> OpenBSD still has /sbin/nologin.
>
> I moved FreeBSD's nologin to /usr/sbin two years ago, because
> 1. nologin needs to be statically linked to avoid linker environment
> security issues,
Key word in this case is "avoiding". If some bad things sits in ld.so why
not fix this directly ?
Also strange thing IMO is in this case is nologin static linking. Yes I
know about ssh pass LD_* but IMO fixing this by static linking is
incorrect way because this is only next "avoiding" ..
kloczek
--
-----------------------------------------------------------
*Ludzie nie majÄ
problemów, tylko sobie sami je stwarzajÄ
*
-----------------------------------------------------------
Tomasz KÅ‚oczko, sys adm @zie.pg.gda.pl|*e-mail: kloczek at rudy.mif.pg.gda.pl*
More information about the freebsd-arch
mailing list