> On Tue, Feb 24, 2004 at 03:56:44PM -0800, Tim Kientzle wrote: > > >>(2) Make nologin(8) setgid nobody, so rtld ignores LD_LIBRARY_PATH. > > > > > > Wearing my member-of-security-team hat, I have to say I'm rather > > >unhappy with this idea. It's also been pointed out (by nectar) that > > >there are issues with NFS if files are owned by nobody or nogroup. > > This idea is comes from very narrow vision. What to do, say, with > dynamically linked /usr/local/bin/bash? Whole "nologin" story starts Interestingly /usr/local/bin/bash is statically linked by default. Well, the bash2 port is at least. [ian] ~ $ ldd /usr/local/bin/bash ldd: /usr/local/bin/bash: not a dynamic executable Ian -- Ian FreislichReceived on Tue Feb 24 2004 - 22:36:22 UTC
This archive was generated by hypermail 2.4.0 : Wed May 19 2021 - 11:37:44 UTC