-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 On 02/15/12 11:28, Ansar Mohammed wrote: > Hello all, I am trying to build a minimal size FreeBSD 9 > installation and I noticed that the size of nologin is almost > 200k. I built FreeBSD from source so I checked the distribution, > and it's also 200k. So I went back to the source and just compiled > nologin.c and it came up to 5k.
The Makefile have described why it's statically linked: # It is important that nologin be statically linked for security # reasons. A dynamic non-setuid binary can be linked against a trojan # libc by setting LD_LIBRARY_PATH appropriately. Both sshd(8) and # login(1) make it possible to log in with an unsanitized environment, # rendering a dynamic nologin binary virtually useless. NO_SHARED= YES Cheers, - -- Xin LI <delp...@delphij.net> https://www.delphij.net/ FreeBSD - The Power to Serve! Live free or die -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.18 (FreeBSD) iQEbBAEBCAAGBQJPPA7RAAoJEG80Jeu8UPuz2k0H8wbyLWS6+V0ebKJzPtB1BZzP o6VWo6sXrG5sMb7kegQdtouYjjfCh1XGxj8jT/nCdOcmXFTvta4GaEnwNZjT3IJp bhIRU3sh7G3AOs9WjXlDhwyPCuLp3LdWPu6/4kjdME3VZp6YQRn6SSHtS/OAG/nS HJtlee64Udlkj1OVIPKENpdSdv4dzJt5afSsK0Ju9HH+vrpFKv5fwUWcXVCFya4R iPiU+hDlVUG0ivjK7Aa12rKavrJxmuC6am7KansLF9LsjTHm8zBxswPgJwVEXO9v xIoFHnbfUHLi9r/NAUICudpPmoNfp8M8MNei+n2KQwPK4FsHdiIGcIkfQCsrJQ== =4yw1 -----END PGP SIGNATURE----- _______________________________________________ freebsd-hackers@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-hackers To unsubscribe, send any mail to "freebsd-hackers-unsubscr...@freebsd.org"