Bug#366546: Bug#374525: [Pkg-shadow-devel] Bug#374525: Bug#366546:
Mail delivery failed: returning message to sender
Colin Percival
cperciva at freebsd.org
Fri Jul 7 05:14:31 UTC 2006
Tomasz K?oczko wrote:
> On Wed, 5 Jul 2006, Colin Percival wrote:
>> I moved FreeBSD's nologin to /usr/sbin two years ago, because
>> 1. nologin needs to be statically linked to avoid linker environment
>> security issues,
>
> Key word in this case is "avoiding". If some bad things sits in ld.so why
> not fix this directly ?
> Also strange thing IMO is in this case is nologin static linking. Yes I
> know about ssh pass LD_* but IMO fixing this by static linking is
> incorrect way because this is only next "avoiding" ..
FreeBSD's dynamic linker knows about the security issues involving LD_*
(set[ug]id binaries and noexec filesystems) and acts accordingly. However,
/usr/sbin/nologin is not set[ug]id, and unlike other shells, we care if a
user can subvert it by preloading libraries.
Debian might have a different solution to this problem; but this one works
for FreeBSD.
Colin Percival
More information about the Pkg-exim4-maintainers
mailing list