Date: Thu, 26 Feb 2004 15:21:37 +0100 From: Arne Schwabe <arne@rfc2549.org> To: Andrey Chernov <ache@nagual.pp.ru> Cc: Colin Percival <colin.percival@wadham.ox.ac.uk> Subject: Re: What to do about nologin(8)? Message-ID: <86hdxdapla.fsf@kamino.rfc1149.org> In-Reply-To: <20040223231219.GA83154@nagual.pp.ru> (Andrey Chernov's message of "Tue, 24 Feb 2004 02:12:19 %2B0300") References: <6.0.1.1.1.20040223171828.03de8b30@imap.sfu.ca> <20040223231219.GA83154@nagual.pp.ru>
next in thread | previous in thread | raw e-mail | index | archive | help
Andrey Chernov <ache@nagual.pp.ru> writes: > On Mon, Feb 23, 2004 at 05:45:07PM +0000, Colin Percival wrote: >> For security reasons, nologin(8) must be statically linked; > > What that mystical reasons are, exactly? I see no one while it is not have > s-bit set. At least -current /sbin is dynamically linked, so nologin must > too. See for example: http://www.mindsec.com/files/5JP0H2A7PW.html Arne -- <Amici|Kitty> 666 is the number of the beast ;P <momo8D> 6667 is the number of you losing whatever social life you might have had. -- (bash #214827)
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?86hdxdapla.fsf>