Bug#366541: Bug#374525: [Pkg-shadow-devel] Bug#374525: Bug#366546: Mail delivery failed: returning message to sender

To: Tomasz K?oczko <kloczek@zie.pg.gda.pl>
Cc: "login: please move nologin under /bin directory" <374525@bugs.debian.org>, "Jari Aalto+mail.linux" <jari.aalto@cante.net>, "exim4-daemon-heavy: Use /bin/nologin instead of /bin/false in /etc/passwd" <366546-maintonly@bugs.debian.org>, "pidentd: [security] use /bin/nologin instead of /bin/false in /etc/passwd" <366545-maintonly@bugs.debian.org>, Ceri Davies <ceri@freebsd.org>, mstone@debian.org, freebsd-arch@freebsd.org, "openssh-server: [security] use /bin/nologin instead of /bin/false" <366541-maintonly@bugs.debian.org>, anibal@debian.org, debian-bugs-dist@lists.debian.org, Shadow package maintainers <pkg-shadow-devel@lists.alioth.debian.org>
Subject: Bug#366541: Bug#374525: [Pkg-shadow-devel] Bug#374525: Bug#366546: Mail delivery failed: returning message to sender
From: Colin Percival <cperciva@freebsd.org>
Date: Thu, 06 Jul 2006 22:14:31 -0700
Message-id: <[🔎] 44ADEDB7.9000107@freebsd.org>
Reply-to: Colin Percival <cperciva@freebsd.org>, 366541-maintonly@bugs.debian.org
In-reply-to: <[🔎] Pine.LNX.4.61L.0607061818310.3049@wun.zie.pg.gda.pl>
References: <20060509153807.16297.97467.reportbug@cante> <E1FsDxt-0001DV-Nv@cante> <E1FsQpg-0002x9-8H@cante> <20060620050937.GB18750@djedefre.onera> <[🔎] E1Fxpms-0003TT-T4@cante> <[🔎] 20060704192449.GC76109@submonkey.net> <[🔎] 20060705054251.GF5220@djedefre.onera> <[🔎] 44ABBF13.8030602@freebsd.org> <[🔎] Pine.LNX.4.61L.0607061818310.3049@wun.zie.pg.gda.pl>

Tomasz K?oczko wrote:
> On Wed, 5 Jul 2006, Colin Percival wrote:
>> I moved FreeBSD's nologin to /usr/sbin two years ago, because
>> 1. nologin needs to be statically linked to avoid linker environment
>> security issues,
> 
> Key word in this case is "avoiding". If some bad things sits in ld.so why 
> not fix this directly ?
> Also strange thing IMO is in this case is nologin static linking. Yes I 
> know about ssh pass LD_* but IMO fixing this by static linking is 
> incorrect way because this is only next "avoiding" ..

FreeBSD's dynamic linker knows about the security issues involving LD_*
(set[ug]id binaries and noexec filesystems) and acts accordingly.  However,
/usr/sbin/nologin is not set[ug]id, and unlike other shells, we care if a
user can subvert it by preloading libraries.

Debian might have a different solution to this problem; but this one works
for FreeBSD.

Colin Percival

Reply to:

References:
- Bug#366541: Bug#366546: Mail delivery failed: returning message to sender
  - From: jari.aalto@cante.net (Jari Aalto+mail.linux)
- Bug#366541: Bug#366546: Mail delivery failed: returning message to sender
  - From: Ceri Davies <ceri@FreeBSD.org>
- Bug#366541: [Pkg-shadow-devel] Bug#374525: Bug#366546: Mail delivery failed: returning message to sender
  - From: Christian Perrier <bubulle@debian.org>
- Bug#366541: [Pkg-shadow-devel] Bug#374525: Bug#366546: Mail delivery failed: returning message to sender
  - From: Colin Percival <cperciva@freebsd.org>
- Bug#366541: Bug#374525: [Pkg-shadow-devel] Bug#374525: Bug#366546: Mail delivery failed: returning message to sender
  - From: Tomasz Kłoczko <kloczek@zie.pg.gda.pl>

Prev by Date: Bug#366541: Bug#374525: [Pkg-shadow-devel] Bug#374525: Bug#366546: Mail delivery failed: returning message to sender
Next by Date: Bug#366541: Bug#374525: [Pkg-shadow-devel] Bug#374525: Bug#366546: Mail delivery failed: returning message to sender
Previous by thread: Bug#366541: Bug#374525: [Pkg-shadow-devel] Bug#374525: Bug#366546: Mail delivery failed: returning message to sender
Next by thread: Bug#366541: Bug#374525: [Pkg-shadow-devel] Bug#374525: Bug#366546: Mail delivery failed: returning message to sender
Index(es):
- Date
- Thread