Re: Bug#366546: Bug#374525: [Pkg-shadow-devel] Bug#374525: Bug#366546: Mail delivery failed: returning message to sender



(shortening the CC list a little, assuming that ppl from the FreeBSD
project read freebsd-arch which seems likely)

FreeBSD's dynamic linker knows about the security issues involving LD_*
(set[ug]id binaries and noexec filesystems) and acts accordingly. However,
/usr/sbin/nologin is not set[ug]id, and unlike other shells, we care if a
user can subvert it by preloading libraries.

Debian might have a different solution to this problem; but this one works
for FreeBSD.

Colin Percival

To refix the context, Tomasz Klockzko, who you're answering to, is not
working in the Debian project, but is the upstream author of shadow,
which provides two binary packages in Debian, namely login and
passwd. nologin is provided in the "login" package.

So, in short, Tomasz does not really speak with a Debian-centric
reasoning but more with his upstream hat (upstream for "our" nologin
of course).

--



Attachment: signature.asc
Description: Digital signature



Relevant Pages

  • Re: Best linux Distro 2011
    ... The FreeBSD Ports system isn't the only means to install software. ... debian is running on the most different hardware, on intel ... Slackware is more pure in my option, only because the developer aims to ... Bugs are fixed quite fast in FreeBSD too, spend time on -ports, ...
    (Debian-User)
  • Re: Review of FreeBSD 5.4
    ... but not less problems compared to FreeBSD. ... If you like to have a bleeding edge system using debian --- just go ... > the linux kernel suffers. ... When the kernel suffers, everyone who uses ...
    (comp.unix.bsd.freebsd.misc)
  • Re: xdm-options - non-bsd user needs bsd rc.d advice
    ... FreeBSD is definitely a better choice for *me* than Debian, ... open wireless network at a coffee shop. ... deterministic behavior out of their OSes, ...
    (freebsd-questions)
  • Re: Vector Linux
    ... Debian is the favorite desktop flavor, with FreeBSD on the server. ... and my fallback desktop machine when necessary. ...
    (alt.os.linux)
  • Re: FreeBSD or DEBIAN for remotely administered internet server
    ... FreeBSD is by far the best *for me* from the ... Debian, OTOH, has an excellent track record when it comes to stability ... documentation is excellent for this which, IMHO, is one of the most ... The O'Reilly BSD site is worth a visit, ...
    (comp.unix.bsd.freebsd.misc)