Re: your mail

From: David Schultz (dschultz@uclink.Berkeley.EDU)
Date: 01/21/03

Date: Mon, 20 Jan 2003 16:51:08 -0800
From: David Schultz <dschultz@uclink.Berkeley.EDU>
To: Anthony Schneider <>

Thus spake Anthony Schneider <>:
> statically linked? is /sbin/nologin not a shell script anymore?

Sorry, I was thinking of OpenBSD, in which /sbin/nologin is a
shell script. In the FreeBSD version, you are probably safe from
environment poisoning attacks provided that your /bin/sh is
statically linked. It would be safer to use /usr/bin/false or a
simple C program, though, since a lot in libc depends on the

To Unsubscribe: send mail to
with "unsubscribe freebsd-security" in the body of the message