Environment Poisoning and login -p
Andrey Chernov
ache at nagual.pp.ru
Thu Feb 26 14:53:36 PST 2004
On Wed, Feb 25, 2004 at 10:54:31AM -0800, Tim Kientzle wrote:
> Possible fix: Ignore "-p" flag if target shell is not
> in /etc/shells. In this scenario, a nologin program would
> not be listed in /etc/shells, and thus such attacks would
> be blocked.
Please, no, -p functionality is there for a reason.
> Possible fix: Have login unconditionally discard LD_LIBRARY_PATH
> and LD_PRELOAD from the environment, even if "-p" is specified.
Yes! It is what I have said from the very beginning. It is so obvious that I wonder
why others did not see it first.
> Possible fix: Eliminate the "-p" option to login.
No.
--
Andrey Chernov | http://ache.pp.ru/
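
The second proposed fix above, dropping LD_LIBRARY_PATH and LD_PRELOAD from the environment even when -p preserves the rest, as an added example that is not part of the original post and is not FreeBSD's login code. The function name scrub_env and the sample environment are assumptions constructed for illustration.

```c
#include <stdio.h>
#include <string.h>

/* The two variables the post proposes discarding even under -p. */
static const char *const unsafe_vars[] = { "LD_LIBRARY_PATH", "LD_PRELOAD" };

/* True if entry is "NAME=value" (or a bare "NAME") for exactly this name. */
static int entry_is(const char *entry, const char *name)
{
    size_t n = strlen(name);
    return strncmp(entry, name, n) == 0 && (entry[n] == '=' || entry[n] == '\0');
}

/* Compact envp in place, dropping every copy of each unsafe variable.
 * The whole array is scanned because a caller can pass a name twice.
 * Returns the number of entries removed. (Hypothetical helper.) */
size_t scrub_env(char **envp)
{
    char **out = envp;
    size_t removed = 0;
    for (char **in = envp; *in != NULL; in++) {
        int drop = 0;
        for (size_t i = 0; i < sizeof unsafe_vars / sizeof *unsafe_vars; i++)
            drop |= entry_is(*in, unsafe_vars[i]);
        if (drop)
            removed++;
        else
            *out++ = *in;   /* keep: everything else survives, as -p intends */
    }
    *out = NULL;
    return removed;
}

/* Constructed sample environment, as -p might hand it to login. */
char *sample_env[] = {
    "TERM=xterm", "LD_PRELOAD=/tmp/a.so", "LD_LIBRARY_PATH=/tmp",
    "LD_PRELOAD=/tmp/b.so", "LD_PRELOADED=kept", "HOME=/home/user", NULL
};

int main(void)
{
    printf("removed %zu\n", scrub_env(sample_env));
    for (char **e = sample_env; *e != NULL; e++)
        puts(*e);
    return 0;
}
```

The match is on the exact name up to the `=`, so an unrelated variable such as the constructed LD_PRELOADED is kept, while a duplicated LD_PRELOAD entry is removed in both positions.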