On Thu, Feb 26, 2004 at 03:21:37PM +0100, Arne Schwabe wrote: > Andrey Chernov <ache_at_nagual.pp.ru> writes: > > > On Mon, Feb 23, 2004 at 05:45:07PM +0000, Colin Percival wrote: > >> For security reasons, nologin(8) must be statically linked; > > > > What that mystical reasons are, exactly? I see no one while it is not have > > s-bit set. At least -current /sbin is dynamically linked, so nologin must > > too. > > See for example: http://www.mindsec.com/files/5JP0H2A7PW.html As I already say many times, this is not nologin problem, repeat, no problem with nologin, _all_ 3rd party shells and scripts suffer because of this, it should be fixed in the caller, not in the shell. Even if you "fix" nologin, what home-made shell comes next? -- Andrey Chernov | http://ache.pp.ru/Received on Thu Feb 26 2004 - 13:47:48 UTC
This archive was generated by hypermail 2.4.0 : Wed May 19 2021 - 11:37:44 UTC