Date: Fri, 7 Jul 2006 07:36:46 +0200 From: Christian Perrier <bubulle@debian.org> To: 366546-maintonly@bugs.debian.org Cc: "login: please move nologin under /bin directory" <374525@bugs.debian.org>, freebsd-arch@freebsd.org, mstone@debian.org, "Jari Aalto+mail.linux" <jari.aalto@cante.net> Subject: Re: Bug#366546: Bug#374525: [Pkg-shadow-devel] Bug#374525: Bug#366546: Mail delivery failed: returning message to sender Message-ID: <20060707053646.GG5413@djedefre.onera> In-Reply-To: <44ADEDB7.9000107@freebsd.org> References: <20060509153807.16297.97467.reportbug@cante> <E1FsDxt-0001DV-Nv@cante> <E1FsQpg-0002x9-8H@cante> <20060620050937.GB18750@djedefre.onera> <E1Fxpms-0003TT-T4@cante> <20060704192449.GC76109@submonkey.net> <20060705054251.GF5220@djedefre.onera> <44ABBF13.8030602@freebsd.org> <Pine.LNX.4.61L.0607061818310.3049@wun.zie.pg.gda.pl> <44ADEDB7.9000107@freebsd.org>
next in thread | previous in thread | raw e-mail | index | archive | help
--WplhKdTI2c8ulnbP Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable (shortening the CC list a little, assuming that ppl from the FreeBSD project read freebsd-arch which seems likely) > FreeBSD's dynamic linker knows about the security issues involving LD_* > (set[ug]id binaries and noexec filesystems) and acts accordingly. Howeve= r, > /usr/sbin/nologin is not set[ug]id, and unlike other shells, we care if a > user can subvert it by preloading libraries. >=20 > Debian might have a different solution to this problem; but this one works > for FreeBSD. >=20 > Colin Percival To refix the context, Tomasz Klockzko, who you're answering to, is not working in the Debian project, but is the upstream author of shadow, which provides two binary packages in Debian, namely login and passwd. nologin is provided in the "login" package. So, in short, Tomasz does not really speak with a Debian-centric reasoning but more with his upstream hat (upstream for "our" nologin of course). --=20 --WplhKdTI2c8ulnbP Content-Type: application/pgp-signature; name="signature.asc" Content-Description: Digital signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.3 (GNU/Linux) iD8DBQFErfLu1OXtrMAUPS0RAjQwAJ4lOl1irz0UgjbtJohRs7Z3EQkBhwCfWZho KRtIJGm6lunTU9jv6tmj0vk= =KRV7 -----END PGP SIGNATURE----- --WplhKdTI2c8ulnbP--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20060707053646.GG5413>