What to do about nologin(8)?
David Schultz
das at FreeBSD.ORG
Tue Feb 24 17:43:31 PST 2004
On Tue, Feb 24, 2004, Colin Percival wrote:
> At 22:36 24/02/2004, David Schultz wrote:
> >This is the third time this issue has been discussed, so before
> >the same arguments are rehashed, I'd like to lay out a simple plan
> >that I think people are unlikely to object to. (If anyone *does*
> >object, please say so.)
>
> I object. :)
>
> >(1) Fix login(1) so that it disables the -p option when the target
> > user's shell is not in /etc/shells (unless the invoking user
> > is root)
>
> Adding /sbin/nologin to /etc/shells is a standard way to create
> ftp-only users. This may or may not be the appropriate solution,
> but it is widely used.
Umm...I never claimed that this would completely fix the world's
environment poisoning problems. You seem to be objecting to
fixing a bug on the grounds that some people won't notice that the
bug is gone. (Note that it *is* a bug that 'login -p' works for
users with nonstandard shells; see the CVS log for su for details.)
> >(2) Make nologin(8) setgid nobody, so rtld ignores LD_LIBRARY_PATH.
>
> Wearing my member-of-security-team hat, I have to say I'm rather
> unhappy with this idea. It's also been pointed out (by nectar) that
> there are issues with NFS if files are owned by nobody or nogroup.
What's the problem with uid=root, gid=nogroup, perm=755?
More information about the freebsd-current
mailing list