Re: your mail

From: David Schultz (dschultz@uclink.Berkeley.EDU)
Date: 01/21/03


Date: Mon, 20 Jan 2003 16:51:08 -0800
From: David Schultz <dschultz@uclink.Berkeley.EDU>
To: Anthony Schneider <anthony@x-anthony.com>

Thus spake Anthony Schneider <anthony@x-anthony.com>:
> statically linked? is /sbin/nologin not a shell script anymore?

Sorry, I was thinking of OpenBSD, in which /sbin/nologin is a
shell script. In the FreeBSD version, you are probably safe from
environment poisoning attacks provided that your /bin/sh is
statically linked. It would be safer to use /usr/bin/false or a
simple C program, though, since a lot in libc depends on the
environment.

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message