Date: Thu, 26 Feb 2004 22:07:32 -0800 (PST) From: Don Lewis <truckman@FreeBSD.org> To: ache@nagual.pp.ru Cc: colin.percival@wadham.ox.ac.uk Subject: Re: What to do about nologin(8)? Message-ID: <200402270607.i1R67W7E082728@gw.catspoiler.org> In-Reply-To: <20040226224744.GA73252@nagual.pp.ru>
next in thread | previous in thread | raw e-mail | index | archive | help
On 27 Feb, Andrey Chernov wrote: > As I already say many times, this is not nologin problem, repeat, no > problem with nologin, _all_ 3rd party shells and scripts suffer because of > this, it should be fixed in the caller, not in the shell. This isn't a problem in the case of interactive shells, or if you think it is a problem, it isn't fixable by modifying login to sanitize the environment. If my shell is /bin/sh (or whatever), anything evil that I might be able to do by getting login -p to pass LD_PRELOAD to my shell I can just as easily do by logging in interactively and running env LD_PRELOAD=whatever /bin/sh
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200402270607.i1R67W7E082728>