cvs commit: src/sbin/nologin Makefile nologin.c nologin.sh
Tony Finch
dot at dotat.at
Tue Nov 18 02:30:14 PST 2003
On Mon, Nov 17, 2003 at 08:29:09PM -0500, Garance A Drosihn wrote:
>
> This would have been much more of a bikeshed back when it would
> have been comparing a sh-script to a statically-linked binary,
> but it doesn't seem like much of one now. (IMO)
$ cat /usr/src/sbin/nologin/Makefile
# @(#)Makefile 8.2 (Berkeley) 4/22/94
# $FreeBSD: src/sbin/nologin/Makefile,v 1.9 2003/11/17 06:39:38 das Exp $
PROG= nologin
MAN= nologin.5 nologin.8
# It is important that nologin be statically linked for security
# reasons. A dynamic non-setuid binary can be linked against a trojan
# libc by setting LD_LIBRARY_PATH appropriately. Both sshd(8) and
# login(1) make it possible to log in with an unsanitized environment,
# rendering a dynamic nologin binary virtually useless.
NOSHARED= YES
.include <bsd.prog.mk>
Tony.
--
f.a.n.finch <dot at dotat.at> http://dotat.at/
NORTH BAILEY: CYCLONIC BECOMING SOUTHWESTERLY 5 TO 7. RAIN THEN SHOWERS.
MODERATE OR GOOD.
More information about the cvs-src
mailing list