Bug#374525: Bug#366546: Bug#374525: [Pkg-shadow-devel] Bug#374525:
Bug#366546: Mail delivery failed: returning message to sender
Christian Perrier
bubulle at debian.org
Fri Jul 7 05:36:46 UTC 2006
(shortening the CC list a little, assuming that ppl from the FreeBSD
project read freebsd-arch which seems likely)
> FreeBSD's dynamic linker knows about the security issues involving LD_*
> (set[ug]id binaries and noexec filesystems) and acts accordingly. However,
> /usr/sbin/nologin is not set[ug]id, and unlike other shells, we care if a
> user can subvert it by preloading libraries.
>
> Debian might have a different solution to this problem; but this one works
> for FreeBSD.
>
> Colin Percival
To refix the context, Tomasz Klockzko, who you're answering to, is not
working in the Debian project, but is the upstream author of shadow,
which provides two binary packages in Debian, namely login and
passwd. nologin is provided in the "login" package.
So, in short, Tomasz does not really speak with a Debian-centric
reasoning but more with his upstream hat (upstream for "our" nologin
of course).
--
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: Digital signature
Url : http://lists.alioth.debian.org/pipermail/pkg-shadow-devel/attachments/20060707/7ee0d6e5/attachment.pgp
More information about the Pkg-shadow-devel
mailing list