Re: your mail
From: David Schultz (dschultz@uclink.Berkeley.EDU)
- Next message: Anthony Schneider: "Re: your mail"
- Previous message: Crist J. Clark: "Re: your mail"
- In reply to: Anthony Schneider: "Re: your mail"
- Next in thread: Peter Elsner: "Re:"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Mon, 20 Jan 2003 16:51:08 -0800 From: David Schultz <dschultz@uclink.Berkeley.EDU> To: Anthony Schneider <email@example.com>
Thus spake Anthony Schneider <firstname.lastname@example.org>:
> statically linked? is /sbin/nologin not a shell script anymore?
Sorry, I was thinking of OpenBSD, in which /sbin/nologin is a
shell script. In the FreeBSD version, you are probably safe from
environment poisoning attacks provided that your /bin/sh is
statically linked. It would be safer to use /usr/bin/false or a
simple C program, though, since a lot in libc depends on the
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message