Date: Mon, 23 Feb 2004 09:53:18 +0100 From: des@des.no (Dag-Erling =?iso-8859-1?q?Sm=F8rgrav?=) To: Garance A Drosihn <drosih@rpi.edu> Cc: cvs-src@FreeBSD.org Subject: Re: cvs commit: src/sbin/nologin Makefile nologin.c Message-ID: <xzpwu6ei3cx.fsf@dwp.des.no> In-Reply-To: <p0602046cbc5efbce2d6a@[128.113.24.47]> (Garance A. Drosihn's message of "Sun, 22 Feb 2004 19:40:22 -0500") References: <200402221003.i1MA3PW0024791@repoman.freebsd.org> <6.0.1.1.1.20040222133540.03c296b0@imap.sfu.ca> <200402221500.38486.wes@softweyr.com> <6.0.1.1.1.20040222230357.03ca6ec0@imap.sfu.ca> <p0602046cbc5efbce2d6a@[128.113.24.47]>
next in thread | previous in thread | raw e-mail | index | archive | help
Garance A Drosihn <drosih@rpi.edu> writes: > My memory fails me. Wasn't there some specific reason that nologin > is statically-linked? At this point, most programs in /sbin are not > statically-linked. monkey business like LD_LIBRARY_PATH=3D$HOME/evil/lib su foo since nologin isn't suid / sgid, LD_LIBRARY_PATH will be obeyed, which can have interesting results if for instance $HOME/evil/lib contains a libc.so with a "customized" fprintf(). DES --=20 Dag-Erling Sm=F8rgrav - des@des.no
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?xzpwu6ei3cx.fsf>