Bug#366541: Bug#374525: [Pkg-shadow-devel] Bug#374525: Bug#366546: Mail delivery failed: returning message to sender

To: Colin Percival <cperciva@freebsd.org>, "login: please move nologin under /bin directory" <374525@bugs.debian.org>
Cc: "Jari Aalto+mail.linux" <jari.aalto@cante.net>, "exim4-daemon-heavy: Use /bin/nologin instead of /bin/false in /etc/passwd" <366546-maintonly@bugs.debian.org>, "pidentd: [security] use /bin/nologin instead of /bin/false in /etc/passwd" <366545-maintonly@bugs.debian.org>, Ceri Davies <ceri@freebsd.org>, mstone@debian.org, freebsd-arch@freebsd.org, "openssh-server: [security] use /bin/nologin instead of /bin/false" <366541-maintonly@bugs.debian.org>, anibal@debian.org, debian-bugs-dist@lists.debian.org, Shadow package maintainers <pkg-shadow-devel@lists.alioth.debian.org>
Subject: Bug#366541: Bug#374525: [Pkg-shadow-devel] Bug#374525: Bug#366546: Mail delivery failed: returning message to sender
From: Tomasz Kłoczko <kloczek@zie.pg.gda.pl>
Date: Thu, 6 Jul 2006 18:22:33 +0200 (CEST)
Message-id: <[🔎] Pine.LNX.4.61L.0607061818310.3049@wun.zie.pg.gda.pl>
Reply-to: Tomasz Kłoczko <kloczek@zie.pg.gda.pl>, 366541-maintonly@bugs.debian.org
In-reply-to: <[🔎] 44ABBF13.8030602@freebsd.org>
References: <20060509153807.16297.97467.reportbug@cante> <E1FsDxt-0001DV-Nv@cante> <E1FsQpg-0002x9-8H@cante> <20060620050937.GB18750@djedefre.onera> <[🔎] E1Fxpms-0003TT-T4@cante> <[🔎] 20060704192449.GC76109@submonkey.net> <[🔎] 20060705054251.GF5220@djedefre.onera> <[🔎] 44ABBF13.8030602@freebsd.org>

On Wed, 5 Jul 2006, Colin Percival wrote:

> Christian Perrier wrote:
> > As a first reaction and as one of the shadow maintainer, I'm now
> > inclined to agree with the choice of the FreeBSD team here.
> > 
> > The rationale is clear...
> > 
> > I'd like to hear the one from OpenBSD to put nologin in /sbin
> > though.. they might have a different definition of what goes in /sbin
> 
> FWIW, nologin was in /sbin in BSD 4.4; this is almost certainly why
> OpenBSD still has /sbin/nologin.
> 
> I moved FreeBSD's nologin to /usr/sbin two years ago, because
> 1. nologin needs to be statically linked to avoid linker environment
> security issues,

Key word in this case is "avoiding". If some bad things sits in ld.so why 
not fix this directly ?
Also strange thing IMO is in this case is nologin static linking. Yes I 
know about ssh pass LD_* but IMO fixing this by static linking is 
incorrect way because this is only next "avoiding" ..

kloczek
-- 
-----------------------------------------------------------
*Ludzie nie majÄ? problemÃ³w, tylko sobie sami je stwarzajÄ?*
-----------------------------------------------------------
Tomasz KÅ?oczko, sys adm @zie.pg.gda.pl|*e-mail: kloczek@rudy.mif.pg.gda.pl*

Reply to:

Follow-Ups:
- Bug#366541: Bug#374525: [Pkg-shadow-devel] Bug#374525: Bug#366546: Mail delivery failed: returning message to sender
  - From: Colin Percival <cperciva@freebsd.org>

References:
- Bug#366541: Bug#366546: Mail delivery failed: returning message to sender
  - From: jari.aalto@cante.net (Jari Aalto+mail.linux)
- Bug#366541: Bug#366546: Mail delivery failed: returning message to sender
  - From: Ceri Davies <ceri@FreeBSD.org>
- Bug#366541: [Pkg-shadow-devel] Bug#374525: Bug#366546: Mail delivery failed: returning message to sender
  - From: Christian Perrier <bubulle@debian.org>
- Bug#366541: [Pkg-shadow-devel] Bug#374525: Bug#366546: Mail delivery failed: returning message to sender
  - From: Colin Percival <cperciva@freebsd.org>

Prev by Date: Bug#366541: Bug#374525: [Pkg-shadow-devel] Bug#374525: Bug#366546: Mail delivery failed: returning message to sender
Next by Date: Bug#366541: Bug#374525: [Pkg-shadow-devel] Bug#374525: Bug#366546: Mail delivery failed: returning message to sender
Previous by thread: Bug#366541: Bug#374525: [Pkg-shadow-devel] Bug#374525: Bug#366546: Mail delivery failed: returning message to sender
Next by thread: Bug#366541: Bug#374525: [Pkg-shadow-devel] Bug#374525: Bug#366546: Mail delivery failed: returning message to sender
Index(es):
- Date
- Thread